RE: CRIME SSH scanning

From: Schwarting, Irene S (Irene.Schwarting@private)
Date: Sun Oct 31 2004 - 13:16:49 PST


There's some new bots out that do automatic bruceforce password exploits against ssh. We're seeing across-the-board increases in ssh scanning. 

Irene

Has anyone found anything more about the ssh scans that have been going
on?  I have been getting scripted ssh login attempts on every machine I
have.  I get at least one scan a day from a single ip address (different
every time) with an ever increasing list of account names.

I have seen a number of comments about seeing the scans, but no clues as
to who or why.

-- 
'This message has not been made with the consent or cooperation of
the Federal Board of Regulations (F.B.R.) or the Central Enquires
Agency (C.E.A.). Any resemblance to persons living or dead is purely
coincidental, and so forth and so on.



This archive was generated by hypermail 2.1.3 : Sun Oct 31 2004 - 14:06:44 PST