On 02/05/2015 10:34 AM, Always Learning wrote:
On Thu, 2015-02-05 at 09:51 -0500, Lamar Owen wrote:
Those crackers who build these botnets are the ones who rent out
botnet time to people who just was to get the work done. There is a
large market in botnet time.
Surely its time for the Feds to arrest and change them ?
The Feds in which country?
Gee thanks. I'll use it for root on every server ;-)
Do note that now that it has been posted to a public list, while it was
safe while unpublished, it would not be safe in the future. I have in
my possession a file of passwords from a compromised server here, from
several years ago. This was part of one of the slow-bruteforcer
networks out there, and is one reason we now whitelist only needed
outbound connections on port 22 and block all others on our two internet
connections.
Incidentally, this particular slow bruteforcer didn't need root to
operate. The password list has about 65,000 passwords in it, some of
which would have been considered strong passwords. Well, until they
made the list. Your password is just about guaranteed to be on future
lists.....
However, another password with similar characteristics would be fine.
You just never want to use it on more than one server to be safe.....
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
