lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200408261047.51990.andreas@inferno.nadir.org>
From: andreas at inferno.nadir.org (andreas@...erno.nadir.org)
Subject: Automated ssh scanning

Hi, 

do you have an image you can share with us?
did you setup key logging?
if not, setup your honeypot again with better control about, what 
the intruder is doing.

regards,

andreas


On Thursday 26 August 2004 09:14, Richard Verwayen wrote:
> On Thu, 2004-08-26 at 03:11, David Vincent wrote:
> > >Hello list!
> > >
> > >A few weeks ago there was a discussion about automated ssh scanning with
> > >user/password combinations like guest/guest or admin/admin.
> > >I set up a debian woody fully patched with both accounts activated, and
> > >got rooted some days later...
> > >
> > >The attackers installed some software and irc-bots and tried to use this
> > >host for testing other computers, thats not the point. I would like to
> > >know where's the weak point in the system? As the system was updates on
> > >a daily base! The only known weakness were these two accounts!
> >
> > you didn't set up admin/admin as root did you?
> >
> > just asking.
> >
> > -d
>
> Hello David,
>
> no I created only unprivileged user accounts! And the root password is
> not considered to be weak!
>
> Richard
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ