Security-Alerts mailing list archive (security-alerts@yandex-team.ru)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[security-alerts] FYI: Brute-force SSH Attacks on the Rise
http://isc.sans.org/diary.html?n&storyid=4408
Brute-force SSH Attacks on the Rise
Published: 2008-05-12,
Last Updated: 2008-05-13 02:50:21 UTC
by Scott Fendley (Version: 2)
0 comment(s)
Greetings everyone. Just a bit of a reminder that many colleges and
universities are done for the spring semester, and the K12s are right around
the corner. As most of you already realize, this means that a number of very
intelligent kids and young adults are soon to have far more free time on their
hands (and less adult supervision during the normal working hours for their
parents). So I expect that there will be a bit of an increase of attacks and
other general noise from outside of corporate or campus network as we have
observed in prior years.
In that frame of mind, there has been a significant amount of brute force
scanning reported by some of our readers and on other mailing lists. And there
does appear to be a bit of a spike reflected in the port 22/tcp sources in the
past week in the Dshield data.
Jim Owens and Jeanna Matthews of Clarkson University released a paper at the
Usenix LEET '08 conference which investigates current methods and dictionaries
used by attackers of SSH in the past several months. The paper shows some
evaluations of common techniques used to defend against brute force attacks
that are worth reading to some.
|
