mailing list archives
Re: Automated SSH login attempts?
From: Valdis.Kletnieks () vt edu
Date: Fri, 30 Jul 2004 14:39:40 -0400
On Fri, 30 Jul 2004 09:39:55 EDT, "Neal O'Creat" said:
Could it be possible that there are different versions of this, one
making noise and one much rarer one with an exploit?
It's more likely that there's one version, making noise and very rarely finding
a box with stupid passwords. It's possible there's another rare version that
tries several stupid passwords and a few old SSH vulnerabilities. Is there
*any* reliable evidence (even a single box) that appears to have been nailed by
a new exploit?
I'll gladly change my mind, but it will take somebody actually finding a
box running a *recent* SSH and had guest/test/and_so_on properly secured,
and the attack *still* got in....