Date: Wed, 6 Apr 2005 17:58:56 +0200 From: "Devon H. O'Dell " <dodell@offmyserver.com> To: Martin McCormick <martin@dc.cis.okstate.edu> Cc: freebsd-security@freebsd.org Subject: Re: What is this Very Stupid DOS Attack Script? Message-ID: <20050406155856.GA43436@smp500.sitetronics.com> In-Reply-To: <200504061549.j36Fn8Y5082507@dc.cis.okstate.edu> References: <200504061549.j36Fn8Y5082507@dc.cis.okstate.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
--Y46NoIcKQuicSz3X Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Wed, Apr 06, 2005 at 10:49:08AM -0500, Martin McCormick wrote: > We have been noticing flurries of sshd reject messages in > which some system out there in the hinterlands hits us with a flood of > ssh login attempts. An example: [snip] If you search google, you'll see many recent similar threads on both this and other mailing lists. Perhaps the most interesting is one recently on the DragonFly BSD users list, in which there were several scripts / applications written to analyze the logs and add IPFW / PF rules blocking these connections. It's simply a brute force kiddy script. No harm. Or, shouldn't be if you don't use silly passwords ;) The script simply tries user:user combinations. --Devon --Y46NoIcKQuicSz3X Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFCVAdASkf3jVXOdl0RAspQAKCZRqRWLAEopgWfteN5j4091simkQCfWkqQ EjLXiRNPVdc6k8OLdI/KVGY= =BEDN -----END PGP SIGNATURE----- --Y46NoIcKQuicSz3X--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050406155856.GA43436>