[101748] in North American Network Operators' Group
Re: Dictionary attacks prompted by NANOG postings?
daemon@ATHENA.MIT.EDU (Randy Bush)
Thu Jan 17 02:32:33 2008
Date: Thu, 17 Jan 2008 16:05:04 +0900
From: Randy Bush <randy@psg.com>
To: Barry Shein <bzs@world.std.com>
CC: nanog@merit.edu
In-Reply-To: <200801170643.m0H6h2Eq021626@world.std.com>
Errors-To: owner-nanog@merit.edu
> Does this happen to anyone else posting here?
not that i have noticed. i do see massively (> 5x) more ssh dict
attacks on the hosts i have in tokyo than those on other continents.
but the sample size is too small to draw any serious conclusions. but i
would guess there are folk who actually study this.
> It's pretty clearly a lame attempt to intimidate by some loser.
rofl. seems a pretty paranoid conclusion to which to leap. could just
be a list address harvester for a bunch of lists.
i figure that, since my hosts don't even do password ssh, that having
password guessers go after my hosts is my contribution to reducing the
attacks on more vulnerable hosts.
randy
