[Intrusions] FYI - SSH bruteforcing
Ronaldo Vasconcellos
ronaldo at cais.rnp.br
Fri Dec 3 23:45:17 GMT 2004
FYI, although I guess most of you were already made aware of brutessh2.
SSH Remote Root password Brute Force Cracker Utility
http://www.k-otik.com/exploits/08202004.brutessh2.c.php
Best regards,
---
Ronaldo C Vasconcellos
CAIS/RNP - Brazilian Research Network CSIRT
http://www.rnp.br/en/cais
On Fri, 3 Dec 2004, Andrew Daviel wrote:
> Date: Fri, 3 Dec 2004 00:48:26 -0800 (PST)
> From: Andrew Daviel <andrew at andrew.triumf.ca>
> Reply-To: "Intrusions List (GCIA Practicals)" <intrusions at lists.sans.org>
> To: intrusions at incidents.org
> Subject: [Intrusions] FYI - SSH bruteforcing
>
>
> FYI
>
> Recently we had a brute-force attempt to guess SSH passwords from a
> machine in taiwan 203.95.227.177 (www.shark-tw.net)
>
> The process identifies itself as SSH-2.0-libssh-0.1 and tries to guess
> passwords for the users root,admin, test and guest.
>
> We had an earlier run-in with this kind of thing - the password guessed
> for guest is guest I think .. hey, that rhymes .. :-)
More information about the Intrusions
mailing list