Network Security: Detailed info on Re: Internet SSH scans

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Incidents

[Top] [All Lists]

Re: Internet SSH scans

from [ilaiy] Network Security

[Permanent Link]

Subject:	Re: Internet SSH scans
Date:	Fri, 3 Mar 2006 15:02:27 -0600

Try denyhosts. Works really well ..

http://denyhosts.sourceforge.net/

./thanks
ilaiy

On 3/3/06, William Tarkington <William.Tarkington@openwave.com> wrote:

This appears to be related to a Romanian organized crime ring.

They are using ssh scans + password lists for easy to guess servers.
From there they create a phishing site.

It has been on the rise for about 3 months or so from my records.

--Will


-----Original Message-----
From: Tom Frerichs [mailto:tfrerich@shiboleth.net]
Sent: Thursday, March 02, 2006 8:57 PM
To: incidents@securityfocus.com
Subject: RE: Internet SSH scans

I'm seeing the same sorts of scans, but it seems to be only on hosts
that
offer web services and have publicly published URLs that might be found
in a
user's cache.

Tom Frerichs - Denver

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: RE: Internet SSH scans, (continued) Re: RE: Internet SSH scans, admin Re: RE: Internet SSH scans, Daxomatic Re: RE: Internet SSH scans, Christine Kronberg Re: Internet SSH scans, JK Adams Re: RE: Internet SSH scans, joakim . berge Re: Re: RE: Internet SSH scans, mrbits RE: Internet SSH scans, Adriano Carvalho Re: Internet SSH scans, Valdis . Kletnieks Re: Internet SSH scans, Adriano Carvalho RE: Internet SSH scans, William Tarkington Re: Internet SSH scans, ilaiy <= Re: Internet SSH scans, Stephen J. Smoogen RE: RE: Internet SSH scans, Teodorski, Chris Re: Re: Internet SSH scans, notonyour Re: RE: Internet SSH scans, Michael . Lang Re: Internet SSH scans, Valdis . Kletnieks

Previous by Date:	RE: RE: Internet SSH scans, Teodorski, Chris
Next by Date:	Re: Internet SSH scans, Stephen J. Smoogen
Previous by Thread:	RE: Internet SSH scans, William Tarkington
Next by Thread:	Re: Internet SSH scans, Stephen J. Smoogen
Indexes:	[Date] [Thread] [Top] [All Lists]