[unisog] step up in SSH scanning starting today?
Tom Perrine
tperrine at scea.com
Mon May 12 20:40:01 GMT 2008
Anyone else see a significant rise in SSH dictionary attacks, especially
from .KR?
A friend at a local ISP (CA.US) reported this morning that they usually
see 1-3 scans per day, but had 10 concurrent sweeps this morning with
more sources popping up at about 1 new per hour. Most sources in China,
and KR, IIRC.
Another site (UK) reported a similar but not quite as aggressive set of
new sweeps, all theirs from .KR IP space.
I'm not seeing it here.
What's the consensus? Isolated or major ramp-up?
More information about the unisog
mailing list