Home page logo
/

basics logo Security Basics mailing list archives

RE: SSH Scans
From: "Bergert, David" <David.Bergert () rsmi com>
Date: Fri, 17 Mar 2006 17:10:27 -0600

http://denyhosts.sourceforge.net


David Bergert
Supervisor, Technology Risk Management Services
RSM McGladrey, Inc.
201 North Harrison Street, Suite. 300
Davenport, IA 52801
Office: 563-888-4023
Mobile: 563-650-6006
Fax: 563-324-6939
david.bergert () rsmi com
www.rsmmcgladrey.com

-----Original Message-----
From: michelpereira () gmail com [mailto:michelpereira () gmail com] On Behalf Of Michel Pereira
Sent: Thursday, March 16, 2006 8:45 PM
To: security-basics () securityfocus com
Subject: SSH Scans

   After of seeing a lot of ssh scans on my firewalls and home PC, I
made a script that filters out the "Invalid User" entry inside
/var/log/messages and do some cleaning process, the result is a
dictionary (homebrew) of users that tried to login into my hosts.
   Into the dictionary I saw english and Brazilian Portuguese words,
maybe we have Brazilian hackers running scan bots too.
   This work is only for experiment and curiosity to see what is
happening with Internet today, you can get the script and dictionary
in http://www.michel.eti.br/2006/03/ssh-scans.html

   If you have a better idea of sugestion, please mail me:
"michel () michel eti br"

Bye
--
Só Jesus salva,o homem faz backups.
http://www.michel.eti.br

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------




DISCLAIMER:
This e-mail is only intended for the person(s) to whom it is addressed and may contain confidential information. Unless 
stated to the contrary, any opinions or comments are personal to the writer and do not represent the official view of 
the company. If you have received this e-mail in error, please notify us immediately by reply e-mail and then delete 
this message from your system. Please do not copy it or use it for any purposes, or disclose its contents to any other 
person. Thank you for your cooperation.

Any advice contained in this email (including any attachments unless expressly stated otherwise) is not intended or 
written to be used, and cannot be used, for purposes of avoiding tax penalties that may be imposed on any taxpayer.

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
  • SSH Scans Michel Pereira (Mar 17)
    • <Possible follow-ups>
    • RE: SSH Scans Bergert, David (Mar 20)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]