Date: Sun, 02 Oct 2005 17:29:12 -0600 From: Brett Glass <brett@lariat.org> To: Kevin Day <toasty@dragondata.com> Cc: freebsd-security@freebsd.org Subject: Re: Repeated attacks via SSH Message-ID: <6.2.3.4.2.20051002171946.08f98c08@localhost> In-Reply-To: <9153DDB6-6FD4-4B14-9997-D6145F80AC3A@dragondata.com> References: <6.2.3.4.2.20051002153930.07a50528@localhost> <9153DDB6-6FD4-4B14-9997-D6145F80AC3A@dragondata.com>
next in thread | previous in thread | raw e-mail | index | archive | help
At 05:05 PM 10/2/2005, Kevin Day wrote: >This is pretty common, I'm afraid. SSH scanning with brute force >password guessing has gone through the roof in the last 9-12 months, >but it's been going on for years. > >We announce a /19 worth of space, and see several hundred ssh >connects per second across it. The amount of junk port 22 traffic has >exceeded the amount of junk port 25 traffic for us now. For us, it just did this weekend. Major swarm of bots, mostly from the UK and eastern Europe. I can't imagine we're alone. The sudden increase -- and the tactic of harvesting e-mail addresses and trying to match them to accounts -- were the reasons I decided to post. People are going to want to make their security a bit tighter. Spam, worms, bots.... This Internet thang is sure becoming a cesspool. --Brett
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6.2.3.4.2.20051002171946.08f98c08>