Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

basics logo Security Basics mailing list archives

Re: help:tool to bruteforce ssh connections
From: Gregory Boyce <gregory.boyce () gmail com>
Date: Mon, 11 May 2009 10:04:07 -0400
I used to investigate and report those sorts of attacks. In just about every instance the attacking system was one that had fallen to the exact same attack. 

The fact you see attacks is proof they still work.

On May 7, 2009, at 5:12 PM, cy10 () no-email com wrote:
I'd have to ask how effective this is as well. My firewall alerts me every time some kid runs a bf on my ssh door. I say kid, becuase if it's not root (does ANYONE still allow ssh to root???) or some ridiculous username; admin, sales, etc.
I used to get 50-100 such alerts from my firewall everyday. After blocking entire countries (only four so far, use your imagination) that number has dropped to like less than a half dozen.
Kind of hard to believe there are still people out there not securing SSH. Sigh... 

/rant
--- --------------------------------------------------------------------- 
This list is sponsored by: InfoSec Institute
Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain a laser like insight into what is covered on the exam, with zero fluff! 

http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
--- --------------------------------------------------------------------- 



------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute
Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain a laser like insight into what is covered on the exam, with zero fluff! 
http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
------------------------------------------------------------------------

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]