[Intrusions] SSH brute forcers
Jim McCullough
jim.mccullough at gmail.com
Sat May 28 17:31:32 GMT 2005
WOOOHOOO. Its getting to the point that the SSH brute force attmepts
on the 2 servers I am working on atm are coming at 4 to 8 times a day,
no reasoning behind the number of attempts yet either.
Jim McCullough
On 5/28/05, DHoelzer at cyber-defense.org <DHoelzer at cyber-defense.org> wrote:
> I've been automatically shunning SSH brute forcers for several months now
> but I've recently decided to become a bit more aggressive. I am now
> publishing a blacklist populated by known SSH bruteforcing sources on my
> site that is updated every minute based on my own detects from several
> sites. If you have any addresses to contribute please send them my way.
> Feel free to grab a copy of the list if you want to populate your ACLs
> which is what I'm doing for my customers.
>
> Best regards
> -----------------------------------------------------
> David Hoelzer
> Cyber-Defense.org
> http://www.cyber-defense.org/CV.html
> _______________________________________________
> Intrusions mailing list
> Intrusions at lists.sans.org
> http://www.dshield.org/mailman/listinfo/intrusions
>
--
Jim McCullough
More information about the Intrusions
mailing list