Spike in SSH attacks
Chip Marshall
chip at 2bithacker.net
Mon Jun 21 09:58:29 EDT 2010
On 21-Jun-2010, Marc Nozell (marc at nozell.com) <nozell at gmail.com> sent:
> FYI, I've been using sshguard for a few month to drop routes to
> sites that are probing my server.
On my cable modem at least, I've been seeing an huge increase in
distributed SSH bruteforcing, so sshguard isn't effective. There's
clearly a pattern in the usernames being attempted, but the source IPs
are all over the place.
--
Chip Marshall <chip at 2bithacker.net>
http://weblog.2bithacker.net/ KB1QYW PGP key ID 43C4819E
v4sw5PUhw4/5ln5pr5FOPck4ma4u6FLOw5Xm5l5Ui2e4t4/5ARWb7HKOen6a2Xs5IMr2g6CM
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
Url : http://mail.gnhlug.org/mailman/private/gnhlug-discuss/attachments/20100621/a64b3bdb/attachment.bin
More information about the gnhlug-discuss
mailing list