[nsp-sec] SSH scanners looking for "temporary"?
Bill Owens
owens at nysernet.org
Wed Sep 10 09:54:54 EDT 2008
On Wed, Sep 10, 2008 at 08:50:14AM -0400, Bill Owens wrote:
> ----------- nsp-security Confidential --------
>
> I know that nobody really cares about SSH scanners, but there was a strange pattern this morning that I've never seen before:
>
Actually, it now looks like just a slow, synchronized dictionary attack. They've moved on to "christiane" and "colette", etc. Each name is tried 6-8 times by different IPs, somebody must be just slowly feeding their botnet with new things to try. . .
Bill.
More information about the nsp-security
mailing list