[unisog] step up in SSH scanning starting today?

Couples, Christopher couples at wharton.upenn.edu
Tue May 13 17:28:33 GMT 2008

The debian advisory is due to a failure in seeding the RNG for openssl during keygen; a wave of password attacks, as we're pretty much all noting, wouldn't seem to be related.

As a side note, someone mentioned autoban to programmatically add brute-forcing hosts to hosts.deny; I'd also like to plug denyhosts, a python script that can also be found on sourceforge. Are there other tools that are widely in use, or are most folks simply rolling their own?

Christopher Couples
Core Systems
Wharton Computing and Information Technology
Wharton School of Business

-----Original Message-----
From: unisog-bounces at lists.dshield.org [mailto:unisog-bounces at lists.dshield.org] On Behalf Of Michael Holstein
Sent: Tuesday, May 13, 2008 1:15 PM
To: UNIversity Security Operations Group
Subject: Re: [unisog] step up in SSH scanning starting today?

> Anyone else see a significant rise in SSH dictionary attacks, especially
> from .KR?

Possibly related to this?



Michael Holstein CISSP GCIA
Cleveland State University
unisog mailing list
unisog at lists.dshield.org

More information about the unisog mailing list