[unisog] step up in SSH scanning starting today?
Couples, Christopher
couples at wharton.upenn.edu
Tue May 13 17:28:33 GMT 2008
The debian advisory is due to a failure in seeding the RNG for openssl during keygen; a wave of password attacks, as we're pretty much all noting, wouldn't seem to be related.
As a side note, someone mentioned autoban to programmatically add brute-forcing hosts to hosts.deny; I'd also like to plug denyhosts, a python script that can also be found on sourceforge. Are there other tools that are widely in use, or are most folks simply rolling their own?
---
Christopher Couples
Core Systems
Wharton Computing and Information Technology
Wharton School of Business
-----Original Message-----
From: unisog-bounces at lists.dshield.org [mailto:unisog-bounces at lists.dshield.org] On Behalf Of Michael Holstein
Sent: Tuesday, May 13, 2008 1:15 PM
To: UNIversity Security Operations Group
Subject: Re: [unisog] step up in SSH scanning starting today?
> Anyone else see a significant rise in SSH dictionary attacks, especially
> from .KR?
>
Possibly related to this?
http://lists.debian.org/debian-security-announce/2008/msg00152.html
Cheers,
Michael Holstein CISSP GCIA
Cleveland State University
_______________________________________________
unisog mailing list
unisog at lists.dshield.org
https://lists.sans.org/mailman/listinfo/unisog
More information about the unisog
mailing list