Mailinglist Archive: opensuse (1503 mails)

< Previous Next >
Re: [opensuse] Coordinated, distributed ssh attacks?
  • From: Constantinos Galilei <pandarsson@xxxxxxxxx>
  • Date: Sun, 4 Oct 2009 02:19:03 -0500
  • Message-id: <200910040219.03234.pandarsson@xxxxxxxxx>
On Sunday October 4 2009 2:11:34 am Hans Witvliet wrote:
On Sat, 2009-10-03 at 19:07 -0500, Constantinos Galilei wrote:
On Saturday October 3 2009 7:02:29 pm John Andersen wrote:
I'm pretty sure you misinterpreted what Roger said.

He meant that his passwords are secure enough for his purposes.

All automated ssh attacks are looking for totally insanely simple
passwords, like "password".

They'll certainly never get MY password! "swordfish". Am I brilliant or

Perhaps i misjudged the situation....
If the O.P. manage _all_ involved passowrds, ok, allthough you can have
miles of failing entries that get in the syslog.

otoh, if other people (clients, customers, lusers) need to geet in, they
are probably in control of their own passwords, and then you are in
troubles: "password", "admin", "empty", "", "secret", "geheim"


I have unfortunately been in a situation where I got to see what passwords
people use. Even with strict requirements, they manage to put in the most
elementary stuff.

I should talk, though. I once used "youdneverguess". It was something I
didn't mind being hacked, though.
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >