Repeated attacks via SSH
Brett Glass
brett at lariat.org
Sun Oct 2 16:29:23 PDT 2005
At 05:05 PM 10/2/2005, Kevin Day wrote:
>This is pretty common, I'm afraid. SSH scanning with brute force
>password guessing has gone through the roof in the last 9-12 months,
>but it's been going on for years.
>
>We announce a /19 worth of space, and see several hundred ssh
>connects per second across it. The amount of junk port 22 traffic has
>exceeded the amount of junk port 25 traffic for us now.
For us, it just did this weekend. Major swarm of bots, mostly from
the UK and eastern Europe. I can't imagine we're alone.
The sudden increase -- and the tactic of harvesting e-mail addresses and
trying to match them to accounts -- were the reasons I decided to post.
People are going to want to make their security a bit tighter.
Spam, worms, bots.... This Internet thang is sure becoming a cesspool.
--Brett
More information about the freebsd-security
mailing list