login
Login / Register
Header Space

 
 

Home » Mailing list archives » openbsd-misc » 2008 » April » 26

Re: Logging failed SSH users and the passwords they typed

Score:
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
[view in full thread]
From: anon trol <anontrol@...>
To: <misc@...>
Subject: Re: Logging failed SSH users and the passwords they typed
Date: Saturday, April 26, 2008 - 2:05 pm

On Wed, Apr 23, 2008 at 1:01 PM, Jon Radel <jon@radel.com> wrote:



Or doing silly things like typing your password in the username spot (moving
around between lots of different keyboards of different form factors
sometimes plays havoc with my touch typing, forcing me to look at the
keyboard rather than the screen).

The value of logging brutes is probably minimal... all you're reallying
doing is observing the passing fads in point and click tools used by
knee-biting rift-raft.  If you're planning on building a dictionary or
attack profile, I think you'll find that most brutes are just targeting some
insecure default install.  Back-off strategies are more than adequate for
dealing with them.

...and there are so many other fun things that you can do beside just build
up another useless data set.  If you own a significant amount of
infrastructure, passing specific host routes to bit buckets or honey pots up
the network can be a fun creative way to handle this kind of trash traffic.
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
Messages in current thread:
Logging failed SSH users and the passwords they typed, Parvinder Bhasin, (Tue Apr 22, 3:51 pm)
Re: Logging failed SSH users and the passwords they typed, Sam Fourman Jr., (Tue Apr 22, 11:51 pm)
Re: Logging failed SSH users and the passwords they typed, Ed Ahlsen-Girard, (Wed Apr 23, 9:54 am)
Re: Logging failed SSH users and the passwords they typed, Peter N. M. Hansteen, (Wed Apr 23, 10:12 am)
Re: Logging failed SSH users and the passwords they typed, HDC, (Wed Apr 23, 12:06 pm)
Re: Logging failed SSH users and the passwords they typed, Mike, (Sat Apr 26, 2:48 am)
Re: Logging failed SSH users and the passwords they typed, HDC, (Sat Apr 26, 11:37 am)
Re: Logging failed SSH users and the passwords they typed, Parvinder Bhasin, (Wed Apr 23, 5:40 pm)
Re: Logging failed SSH users and the passwords they typed, Nick Holland, (Wed Apr 23, 6:47 am)
Re: Logging failed SSH users and the passwords they typed, Jon Radel, (Wed Apr 23, 12:01 am)
Re: Logging failed SSH users and the passwords they typed, anon trol, (Sat Apr 26, 2:05 pm)
Re: Logging failed SSH users and the passwords they typed, Claer, (Wed Apr 23, 3:55 am)
Re: Logging failed SSH users and the passwords they typed, Chris Kuethe, (Tue Apr 22, 4:21 pm)

Mail archive search
Enter your search terms.
Optionally limit your search to a specific mailing list.
advanced
Colocation donated by:
Who's online
There are currently 2 users and 776 guests online.

Online users

Syndicate
Syndicate content
© 2007 KernelTrap.  |  Powered by Drupal.  |  Legal statement.
speck-geostationary