Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Fwd: Re: Looking at SSH scans passwords (honeypot analysis)
From: Michal <michal () ionic co uk>
Date: Fri, 15 Jan 2010 11:24:23 +0000

On 14/01/2010 22:55, Elliot Fernandes wrote:
What I can say is that, the person who was trying to access your honeypot was using a wordlist, albeit of bad quality 
because the wordlist contains a large degree of statistical randomness. For the most of us, passwords consist of 
dictionary words, so a good wordlist would contain that and permutations of it, not just gibberish. By the way, I've 
scouraged the internet for wordlists and I've seen entries with ! () #$%^&*( , ! () #$% , ! () #$ , ! () # and the 
others you've included.

On an American Keyboard ! () #$%^&*( is shift and the numbers 1 to 9, for
English it's !"£$%^&*( but as he said it's just wordlists filled with
that, thinking someone might use it as a password, which I guess is
possible, it's probably better then your husbands name for example, but
still shit

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]