Security Incidents mailing list archives
Re: SSH probe attack afoot?
From: Joe Egloff <joe.egloff () franke com>
Date: 8 Feb 2005 18:25:06 -0000
In-Reply-To: <42089361.1010203 () yahoo com sg> Matter of fact I did, but the amount of hosts is increasing. I'm currently assuming, that there some sort race going on. Seems like one or more groups trying to "expand" their bot nets. Why bot nets? Well, on most of the systems I checked I found that the IRC ports are open or on other ports some IRC alike service is running.
Just curious here, after finding out where the IP >addresses come from, do you go ahead and send a abuse >complains to each one of them?
Current thread:
- Re: SSH probe attack afoot?, (continued)
- Re: SSH probe attack afoot? Barrie Dempster (Feb 07)
- Re: SSH probe attack afoot? j lake (Feb 08)
- Re: SSH probe attack afoot? Jeffrey Goldberg (Feb 12)
- Re: SSH probe attack afoot? Stephen J. Smoogen (Feb 12)
- Re: SSH probe attack afoot? Jeffrey Goldberg (Feb 16)
- Re: SSH probe attack afoot? Joe Egloff (Feb 07)
- Re: SSH probe attack afoot? naverxp (Feb 08)
- Re: SSH probe attack afoot? Tim (Feb 08)
- Re: SSH probe attack afoot? Frank Knobbe (Feb 08)
- Re: SSH probe attack afoot? Matt Fisher (Feb 09)
- Re: SSH probe attack afoot? naverxp (Feb 08)
- Re: SSH probe attack afoot? Joe Egloff (Feb 08)
- Re: SSH probe attack afoot? Barrie Dempster (Feb 08)
- Re: SSH probe attack afoot? j () 65535 com (Feb 09)
- Chinese HTTP ACKs David Gillett (Feb 09)
- Re: Chinese HTTP ACKs Frank Knobbe (Feb 09)
- Re: SSH probe attack afoot? Barrie Dempster (Feb 08)