On Fri, Jun 20, 2008 at 12:15:39AM -0400, Perry E. Metzger wrote: > > "Robert G. Brown" <[EMAIL PROTECTED]> writes: > > Do you have an recent contemporary evidence for that? > > Yes, Run a box with sshd on it connected to the internet and watch your > logs for a few days. You will find numerous attempts to try thousands > of possible account names and passwords -- brute force cracking. > > Here is an extract from the log on a real machine, one of mine, from > last night: > > Jun 19 20:56:53 smaug sshd[2577]: Invalid user secretariat from 70.90.14.154 > Jun 19 20:56:54 smaug sshd[2522]: Invalid user secretar from 70.90.14.154 > Jun 19 20:56:55 smaug sshd[23949]: Invalid user present from 70.90.14.154 > Jun 19 20:56:56 smaug sshd[3440]: Invalid user test from 70.90.14.154 > Jun 19 20:56:57 smaug sshd[8809]: Invalid user test from 70.90.14.154 > Jun 19 20:56:58 smaug sshd[21600]: Invalid user teste from 70.90.14.154 > Jun 19 20:56:59 smaug sshd[314]: Invalid user teste from 70.90.14.154
Yeah, I get that all the time too, I use an /etc/hosts.allow filter to temporarily block those idiots after three such attempts. > It goes on and on and on. There are countermeasures you can run to > block the zombies trying to guess passwords, but I rarely bother since > none of my machines allow password based login so their attempts are > useless anyway. Same here, so agree to the futility. But, why suffer the endless churn? If left alone, some will pound away for hours. > > But weak passwords that are brute force guessed[...]? > > Only on a poorly managed network, > > That would be 95% of networks. I've done a lot of network audits in my > day, too. Yup. Just fire up any Wifi kit and look at the visible networks. Also don't forget SC's wall of shame... -- David N. Lombard, Intel, Irvine, CA I do not speak for Intel Corporation; all comments are strictly my own. _______________________________________________ Beowulf mailing list, [email protected] To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf
