[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] SSH brute force blocking tool

To: full-disclosure <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: [Full-disclosure] SSH brute force blocking tool
From: "J. Oquendo" <sil@xxxxxxxxxxxxxxx>
Date: Mon, 27 Nov 2006 14:22:10 -0500

For those interested, I wrote a program called Sharpener which is an SSHbrute force blocking tool that also reports back the offenders'addresses. I have begun posting the information on the attackers as wellas sending out messages (whenever possible) to the admins of thesedomains. Think of it as an RBL for SSH attackers. The goal is toidentify these machines in order for others to implement safeguards(ACL's) against these hosts. Feel free to comment/complain.



http://www.infiltrated.net/sharpener (tool)
http://www.infiltrated.net/bruteforcers (offenders)

--
====================================================
J. Oquendo
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743

sil . infiltrated @ net http://www.infiltrated.net

The happiness of society is the end of government.
John Adams

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] SSH brute force blocking tool
  - From: Tavis Ormandy

Prev by Date: Re: [Full-disclosure] The state of JavaScript Hacking
Next by Date: Re: [Full-disclosure] Sasser or other nasty worm needed
Previous by thread: [Full-disclosure] [SECURITY] [DSA 1219-1] New texinfo packages fix multiple vulnerabilities
Next by thread: Re: [Full-disclosure] SSH brute force blocking tool
Index(es):
- Date
- Thread