[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Automated SSH login attempts?

To: Ali Campbell <fdisclosure@xxxxxxxxxxxxxxxxxx>
Subject: Re: [Full-Disclosure] Automated SSH login attempts?
From: Christian Fromme <derfromme@xxxxxx>
Date: Fri, 30 Jul 2004 01:59:03 +0200

Ali Campbell <fdisclosure@xxxxxxxxxxxxxxxxxx> wrote:

> Do I take it that these things are just trying to log in using some 
> guessed password(s) ? Out of interest, do we have any idea what these 
> opportunistic passwords might be ?

As far as I have heared this is an 0day "exploit" which does nothing but
trying to bruteforce some accounts like "admin" "test" and so on with
passwords like "test" "1234" and i dont know what. 
Seems to be not too serious because noone actually has those account in
real life. ;)

Best wishes,
Christian

-- 
Christian Fromme

chris at kaner.shacknet.nu
PGP-Pubkey: http://www.informatik.fh-wiesbaden.de/~cfrom001/pgp/index.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- Re: [Full-Disclosure] Automated SSH login attempts?
  - From: Juan Carlos Navea
- Re: [Full-Disclosure] Automated SSH login attempts?
  - From: Ali Campbell

Prev by Date: Re: [Full-Disclosure] Re: Automated SSH login attempts?
Next by Date: Re: [Full-Disclosure] Re: Automated SSH login attempts?
Previous by thread: Re: [Full-Disclosure] Automated SSH login attempts?
Next by thread: [Full-Disclosure] Comcast(tm) Email Manager allows arbitrary java and activex code execution
Index(es):
- Date
- Thread