Network Security: Detailed info on Re: SSH bruteforce on its way...

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Incidents

[Top] [All Lists]

Re: SSH bruteforce on its way...

from [Valdis . Kletnieks] Network Security

[Permanent Link]

Subject:	Re: SSH bruteforce on its way...
Date:	Mon, 24 Oct 2005 23:13:46 -0400

On Fri, 21 Oct 2005 18:05:27 -0000, jouser@gmail.com said:

I didn't think it was possible to determine valid usernames by themselves?  
You
either have a valid username AND password or not.


So you take the list of 30-40 "installed by default" userids, add a list of 100
or so common first names/last names, prepend/append a single letter (i.e.
starting with "john" and "smith", also try "jsmith" and "johns").  Then try
each of those with a list of common passwords.  If you're *really* 31337, you
apply the SSH timing hole to possibly identify valid userids - but it really
isn't needed because it's just as cheap to just try all 40,000 combinations of
userid/password (remember, you're doing this from somebody else's compromised
system).

pgpoV5ZQDzrDH.pgp
Description: PGP signature

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: SSH bruteforce on its way..., (continued) Re: SSH bruteforce on its way..., Paul Robertson Re: [incidents] Re: SSH bruteforce on its way..., Tim Kennedy Re: SSH bruteforce on its way..., foxxz . net Re: SSH bruteforce on its way..., jouser Re: SSH bruteforce on its way..., Justin Re: SSH bruteforce on its way..., Russell Fulton Re: SSH bruteforce on its way..., Valdis . Kletnieks Re: SSH bruteforce on its way..., Kurt Seifried Re: SSH bruteforce on its way..., Justin Re: SSH bruteforce on its way..., Daniel Cid Re: SSH bruteforce on its way..., Valdis . Kletnieks <= Re: SSH bruteforce on its way..., Michael . Lang Re: SSH bruteforce on its way..., Javier Fernandez-Sanguino Re: SSH bruteforce on its way..., Volker Tanger SNMP worm?, David Gillett Re: SNMP worm?, Mark Ryan del Moral Talabis RE: SNMP worm?, David Gutierrez Re: SSH bruteforce on its way..., Christine Kronberg Re: SSH bruteforce on its way..., Lionel Ferette Re: SSH bruteforce on its way..., Michael Lang Re: SSH bruteforce on its way..., Bryan Hatter

Previous by Date:	Re: Dismantling Botnets?, Thorsten Holz
Next by Date:	Re: SSH bruteforce on its way..., Michael . Lang
Previous by Thread:	Re: SSH bruteforce on its way..., Daniel Cid
Next by Thread:	Re: SSH bruteforce on its way..., Michael . Lang
Indexes:	[Date] [Thread] [Top] [All Lists]