Network Security: Detailed info on Re: SSH bruteforce on its way...

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Incidents

[Top] [All Lists]

Re: SSH bruteforce on its way...

from [Michael . Lang] Network Security

[Permanent Link]

Subject:	Re: SSH bruteforce on its way...
Date:	25 Oct 2005 07:29:26 -0000

Hi Volker,

ive started a honey Machine for your answer on, what are they doing with 
captured machines ...

just after some hours the Machine was up the first attempts where made, probing 
for useable machines, only one attempt was a *human* login with interaction. 
I've used sudosh for logging the bash session and first assumption is that the 
person which was using the shell didnt know to much about Unix as log cleaning 
was made with scripts downloaded from geocities and the bash_history was  
forgotten.
I've put the session data on a website 
(http://www.jackal-net.at/tiki-read_article.php?articleId=20)  where you can 
see what i've setup and what the guys where doing. (currently only one session 
is online but i'm sure, others will follow :) ... )

Kind regards 
Michael Lang

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [incidents] Re: SSH bruteforce on its way..., (continued) Re: [incidents] Re: SSH bruteforce on its way..., Tim Kennedy Re: SSH bruteforce on its way..., foxxz . net Re: SSH bruteforce on its way..., jouser Re: SSH bruteforce on its way..., Justin Re: SSH bruteforce on its way..., Russell Fulton Re: SSH bruteforce on its way..., Valdis . Kletnieks Re: SSH bruteforce on its way..., Kurt Seifried Re: SSH bruteforce on its way..., Justin Re: SSH bruteforce on its way..., Daniel Cid Re: SSH bruteforce on its way..., Valdis . Kletnieks Re: SSH bruteforce on its way..., Michael . Lang <= Re: SSH bruteforce on its way..., Javier Fernandez-Sanguino Re: SSH bruteforce on its way..., Volker Tanger SNMP worm?, David Gillett Re: SNMP worm?, Mark Ryan del Moral Talabis RE: SNMP worm?, David Gutierrez Re: SSH bruteforce on its way..., Christine Kronberg Re: SSH bruteforce on its way..., Lionel Ferette Re: SSH bruteforce on its way..., Michael Lang Re: SSH bruteforce on its way..., Bryan Hatter

Previous by Date:	Re: SSH bruteforce on its way..., Valdis . Kletnieks
Next by Date:	Who is looking for port 2036?, Joakim Berge
Previous by Thread:	Re: SSH bruteforce on its way..., Valdis . Kletnieks
Next by Thread:	Re: SSH bruteforce on its way..., Javier Fernandez-Sanguino
Indexes:	[Date] [Thread] [Top] [All Lists]