Date: Tue, 01 Dec 2009 20:51:23 -0500 From: Mike Tancsa <mike@sentex.net> To: Brett Glass <brett@lariat.org>, freebsd-security@freebsd.org Subject: Re: Increase in SSH attacks as of announcement of rtld bug Message-ID: <200912020150.nB21ossm072930@lava.sentex.ca> In-Reply-To: <200912020145.SAA17523@lariat.net> References: <200912010120.nB11Kjm9087476@freefall.freebsd.org> <200912010522.WAA03022@lariat.net> <200912011724.KAA10851@lariat.net> <200912011909.nB1J9JRM070879@lava.sentex.ca> <200912020145.SAA17523@lariat.net>
next in thread | previous in thread | raw e-mail | index | archive | help
At 08:44 PM 12/1/2009, Brett Glass wrote: >At 12:09 PM 12/1/2009, Mike Tancsa wrote: > >>http://isc.sans.org/trends.html >>and >>http://isc.sans.org/port.html >> >>Do not seem to show any increase. > >Do those stats account for the fact that the attackers may first be >fingerprinting servers to see if they're running FreeBSD? No idea. But looking at the logs of various hosts targeted by distributed scanners that hit my network, they dont seem to be that intelligent. There is no reason it couldnt be done, but I havent seen it yet here anyways. ---Mike >--Brett -------------------------------------------------------------------- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, mike@sentex.net Providing Internet since 1994 www.sentex.net Cambridge, Ontario Canada www.sentex.net/mike
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200912020150.nB21ossm072930>