On Wed, 25 Aug 2004, larry price wrote:
> I rather doubt that anyone on this list is using passwords this weak.
You'd also have to be running OpenSSH with "PermitRootLogin yes" for all
the checkauth("root",,) calls, no?
> I guess I'm mildly surprised at how crude the damn thing is, couldn't
> they at least use a loadable dictionary?
Some of the scanners that end up in rootkits are pretty pathetic programs
with library code pasted right in. This one is impressive in that it
doesn't just call system("/usr/bin/ssh");. :)
-po
_______________________________________________
EUGLUG mailing list
[EMAIL PROTECTED]
http://www.euglug.org/mailman/listinfo/euglug
