Matt's Blog
It's a blog.
ssh Brute-force Attempts
12 May 2008I used to get a couple hosts bounced a week… They’d try to brute-force username/password combos over ssh and DenyHosts would ban their IP after 5 failed logins.
For a couple days last week, I probably had about 50 in a 24-hour period, and then they went away as quickly as they started.
Today… Well, today is insane. As this site confirms, GMail limits a “conversation” to 61 conversations. So as this screenshot shows…
Related posts:
Comment Form
Categories
- 2008 (45)
- Business (82)
- Computers (201)
- Cool Links (154)
- Funny (48)
- Ham Radio (14)
- Hero of the Day (47)
- Humanitarianism (42)
- Ideas (75)
- Insanity (175)
- Interesting (80)
- Linux Tips (40)
- Lists (26)
- Living (202)
- Materialism (77)
- Obama (55)
- OCD (119)
- Performance (29)
- Photography (54)
- Politics (113)
- Programming (96)
- Rails (1)
- Rants & Raves (316)
- Scanner Listening (2)
- School (43)
- Security (26)
- Uncategorized (751)
Archives
- April 2013
- March 2013
- December 2012
- November 2012
- October 2012
- August 2012
- July 2012
- May 2012
- March 2012
- February 2012
- January 2012
- December 2011
- November 2011
- October 2011
- September 2011
- July 2011
- June 2011
- May 2011
- April 2011
- March 2011
- February 2011
- January 2011
- December 2010
- November 2010
- October 2010
- September 2010
- August 2010
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- Matt: Hey Victor, A couple good resources for you... http://www.scanboston.com/boston.htm is really det [...]
- victor: Hi i just got a uniden bearcay scanner and have no local or regional frequency directory.just 1 460 [...]
- Matt: I do use them periodically. I bought a few i760's, for perhaps $10 apiece in a lot, on eBay a while [...]
- Marin: Did you eventually end up going with an iDEN phones using Direct Talk? I had some i560's a few year [...]
- Dan: fyi, EOD = explosive ordnance disposal [...]
2 Responses to ssh Brute-force Attempts
Matt
May 12th, 2008 at 10:27 am
Current count: since 10pm last night, 338 different hosts have tried…
“avian” and “avidan” keep getting tried as the first guesses… Good thing I haven’t given any birds a shell account with a blank password? Or a guy named Dan who’s a big fan of .avi’s?
Matt
May 12th, 2008 at 3:21 pm
Looks like it’s a major botnet, which is pretty foolishly brute-forcing hosts on each IP it finds… (Which means it’s exposing each of its members?)