On Tue, Mar 18, 2008 at 04:34:32AM -0700, Andrew Farris wrote: > Well I understand why those are a high risk, but with root at least the > attacker knows the username, normal usernames is a double blind brute force > right? I know my own system used to see many more root attempts than No - scanning tools use email data, web data and statistical tables of common usernames. Even a long time ago sending to usenet from stupidname@xxxxxxxxx resulting in dictionary attacks via ssh against anything in mybox.com with username stupidname, including in some cases trying each word in the posting Alan -- fedora-test-list mailing list fedora-test-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-test-list
