Mailinglist Archive: opensuse (1570 mails)

< Previous Next >
Re: [opensuse] Coordinated, distributed ssh attacks?
  • From: "Carlos E. R." <robin.listas@xxxxxxxxxxxxxx>
  • Date: Sun, 4 Oct 2009 21:50:53 +0200 (CEST)
  • Message-id: <alpine.LSU.2.00.0910042145551.12109@xxxxxxxxxxxxxxxx>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



On Sunday, 2009-10-04 at 19:02 +0200, Per Jessen wrote:

All automated ssh attacks are looking for totally insanely simple
passwords, like "password".

Not so totally insanely simple, not any more. I had a machine
compromised about two years ago - the password for the account was a
common English word, 7 characters with one vowel substituted by a '0'.

There is an utility in oS, I think it is called "john", with a database, that runs as cronjob and tries to crack users passwords. If it cracks one, it sends an email to root and the user. I removed it because it run for many hours at top cpu.

The bad guys could be using something like that to generate the passwords. And we could use that utility also, for other reasons.

- -- Cheers,
Carlos E. R.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)

iEYEARECAAYFAkrI/J8ACgkQtTMYHG2NR9Xo7wCdFOYdxsNvV4NP8usJ4hvfC7Xh
nC4Anj2KZXdTRBvFDbL82C4h7GDB0OFK
=l4j4
-----END PGP SIGNATURE-----
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >