[Tfug] Anybody here of a new SSH vulnerability?
Choprboy
choprboy at dakotacom.net
Sun Jul 25 12:31:58 MST 2004
Anybody hear anything about a new SSH vuln? Normally I don;t pay much
attention to script kiddies... but for the last week I have seeing repeated,
daily attempts to log in from what appear to be trojaned machines acting as
scanning bots. The attack is very distinct, appears to only be targeting SSH,
and is an attempt to log in as guest/test/admin/root both with and without a
password.
It appears someone is just mass-scanning for default/unconfigured machines. I
normally see this kind of attempt 1 or twice a week on each of my machines...
but for the last week+ is has been several attempts per day, all from
different scattered machine. Anyone hear anything in particular?
Adrian
More information about the tfug
mailing list