Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 

   


   


   

















      :: Security-alerts
Security-Alerts mailing list archive (security-alerts@yandex-team.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[security-alerts] FYI: Brute-force SSH Attacks on the Rise



http://isc.sans.org/diary.html?n&storyid=4408

Brute-force SSH Attacks on the Rise
Published: 2008-05-12,
Last Updated: 2008-05-13 02:50:21 UTC
by Scott Fendley (Version: 2)
0 comment(s)

Greetings everyone.  Just a bit of a reminder that many colleges and 
universities are done for the spring semester, and the K12s are right around 
the corner.  As most of you already realize, this means that a number of very 
intelligent kids and young adults are soon to have far more free time on their 
hands (and less adult supervision during the normal working hours for their 
parents).  So I expect that there will be a bit of an increase of attacks and 
other general noise from outside of corporate or campus network as we have 
observed in prior years.

In that frame of mind, there has been a significant amount of brute force 
scanning reported by some of our readers and on other mailing lists.  And there 
does appear to be a bit of a spike reflected in the port 22/tcp sources in the 
past week in the Dshield data.

Jim Owens and Jeanna Matthews of Clarkson University released a paper at the 
Usenix LEET '08 conference which investigates current methods and dictionaries 
used by attackers of SSH in the past several months.  The paper shows some 
evaluations of common techniques used to defend against brute force attacks 
that are worth reading to some.



 




Copyright © Lexa Software, 1996-2009.