[nsp-sec] lists of IPs (and ASNs) for SSH scanning and brute force
Tim Wilde
twilde at cymru.com
Sun Oct 23 18:56:21 EDT 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 10/22/2011 7:26 PM, Russell Fulton wrote:
> ----------- nsp-security Confidential --------
>
> scan file alerts on SYN packets and the brute file on connected
> session?
Russell (and everyone else too! :))
Thanks for posting these to the list! FYI, if you're able to output
this data on a regular basis, the SSH brute force data can be
automatically distributed through our Daily Reports project. This is
one of the categories that we keep wide open for submissions (to folks
we trust like NSP-SEC, not the whole world :)), so there's no setup or
anything required on our end. Simply take a look at the bruteforce
report page for more information:
https://www.cymru.com/nsp-sec/dailyreports/bruteforce.html
Apologies to Russell if I've specifically solicited you in the past
and you can't do this for whatever reason, but I like to take the
opportunity to point this out for everyone whenever I see this
particular type of list posted to the list, as it can often make life
easier for everyone. Feel free to drop a note to support at cymru.com if
you have any questions about this or other category data submissions,
how they work, etc! We'd also love a note from anyone starting to
send us data just so we can make sure it's arriving and being
processed correctly.
Best regards,
Tim
- --
Tim Wilde, Senior Software Engineer, Team Cymru, Inc.
twilde at cymru.com | +1-847-378-3333 | http://www.team-cymru.org/
-----BEGIN PGP SIGNATURE-----
iEYEARECAAYFAk6km5UACgkQluRbRini9tgdggCcC7TaZsKm9444dUDQTThfakhd
22oAnRTLvahEoZ09VJ3QZSxTaCDOpeXC
=+4Na
-----END PGP SIGNATURE-----
More information about the nsp-security
mailing list