On Sep 16, 2004, at 9:51 AM, Jason Dixon wrote:
On Sep 16, 2004, at 9:48 AM, Reuben D. Budiardja wrote:
Hello,
Just wondering if anyone's been seeing a lot of SSH attempts to their machines
lately. I've seen at least 30 - 60 unautorizhed, brute force attempts to each
of my server daily, and they come from different domain everyday.
If, by brute force, you mean the "Admin/root/guest" dumb attempts, then yes, I have about one attempt daily. This has been going on for at least the last month or so IIRC. As long as you're patched and not using incredibly poor passwords, you'll be fine. Search the NANOG archives if you need more detail.
I have also seen such an increase in "brute force" attacks over the last month. Different ip everyday- but they are increasing the accounts they try.
Can an attacker determine the version string of sshd running on a machine without a successful login? If so, could the fact that RHEL has backported patches and kept the string at "3.6.1p2" given these crackers false hope that this is a vulnerable sshd? Just wondering...
Jurvis LaSalle
-- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
