Repeated attacks via SSH

Bigby Findrake bigby at ephemeron.org
Sun Oct 2 21:48:31 PDT 2005


Have a look at labrea.

http://labrea.sourceforge.net/

On Mon, 3 Oct 2005, Timothy Smith wrote:

> i wonder if there isn't an opertunity to create some kind of honey pot
> project given the growing frequencies of these ssh based attacks.
>
> allow logins then dragggggg out the connection as long as you can. i
> still have a copy of everything they used to attack my system (it was
> left in /tmp and they were trying to get my system to scan as well)




/-------------------------------------------------------------------------/
"I dislike companies that have a we-are-the-high-priests-of-hardware-so-you'll-
like-what-we-give-you attitude.  I like commodity markets in which
iron-and- silicon hawkers know that they exist to provide fast toys for
software types like me to play with..."
	-- Eric S. Raymond

                    finger://bigby@ephemeron.org
                    http://www.ephemeron.org/~bigby/
                news://news.ephemeron.org/alt.lemurs
/-------------------------------------------------------------------------/



More information about the freebsd-security mailing list