[unisog] step up in SSH scanning starting today?
Christopher A Bongaarts
cab at tc.umn.edu
Tue May 13 17:28:24 GMT 2008
In the immortal words of Michael Holstein:
> > Anyone else see a significant rise in SSH dictionary attacks, especially
> > from .KR?
> Possibly related to this?
Strongly doubt it. The debian vulnerability is an issue with key
crypto keys, which uses a different auth mechanism than passwords.
It's possible a sufficiently clever attacker could wrap both attacks
into one, as SSH will let you try keys first, then passwords, in the
Most of the rate-limiting/lockout workarounds (DenyHosts happens to be
my preference) should also help protect against brute-forcing private
%% Christopher A. Bongaarts %% cab at tc.umn.edu %%
%% Internet Services %% http://umn.edu/~cab %%
%% University of Minnesota %% +1 (612) 625-1809 %%
More information about the unisog