| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu) Subject: Automated SSH login attempts? On Fri, 30 Jul 2004 09:39:55 EDT, "Neal O'Creat" said: > Could it be possible that there are different versions of this, one > making noise and one much rarer one with an exploit? It's more likely that there's one version, making noise and very rarely finding a box with stupid passwords. It's possible there's another rare version that tries several stupid passwords and a few old SSH vulnerabilities. Is there *any* reliable evidence (even a single box) that appears to have been nailed by a new exploit? I'll gladly change my mind, but it will take somebody actually finding a box running a *recent* SSH and had guest/test/and_so_on properly secured, and the attack *still* got in.... -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 226 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040730/ac5b0c0f/attachment.bin
Powered by blists - more mailing lists