What is this Very Stupid DOS Attack Script?
Devon H. O'Dell
dodell at offmyserver.com
Wed Apr 6 09:00:53 PDT 2005
On Wed, Apr 06, 2005 at 10:49:08AM -0500, Martin McCormick wrote:
> We have been noticing flurries of sshd reject messages in
> which some system out there in the hinterlands hits us with a flood of
> ssh login attempts. An example:
[snip]
If you search google, you'll see many recent similar threads on
both this and other mailing lists. Perhaps the most interesting
is one recently on the DragonFly BSD users list, in which there
were several scripts / applications written to analyze the logs
and add IPFW / PF rules blocking these connections.
It's simply a brute force kiddy script. No harm. Or, shouldn't
be if you don't use silly passwords ;) The script simply tries
user:user combinations.
--Devon
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20050406/67c0d7db/attachment.bin
More information about the freebsd-security
mailing list