brute force ssh attack
Aleksandar Milivojevic
amilivojevic at pbl.ca
Thu Apr 28 13:14:44 UTC 2005
Matthew Miller wrote:
> On Wed, Apr 27, 2005 at 10:56:38AM -0500, Aleksandar Milivojevic wrote:
>
>>>there are numerous brute force ssh attacks in the web.
>>>I was quite curious, and for fun, I created the typical
>>>user accounts and set easy to guess passwords....
>>
>>Generally, very bad idea. Unless you know exactly what you are doing,
>>which you obviously don't.
>
>
> What's the harm? I mean, assuming you're planning on doing a limited,
> controlled experiment?
Was it controlled? Was it really limited? Judging from original post,
I wouldn't be suprised if his entire local network got infected.
>>You don't just unplug network cable. You wipe off machine and reinstall
>>it from scratch. Simple as that.
>
>
> Sure. But it doesn't hurt to investigate what happened. It's educational.
Sure, investigate. Learn. And then wipe off the harddrives.
--
Aleksandar Milivojevic <amilivojevic at pbl.ca> Pollard Banknote Limited
Systems Administrator 1499 Buffalo Place
Tel: (204) 474-2323 ext 276 Winnipeg, MB R3T 1L7
More information about the users
mailing list