Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'This is OLD NEWS' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
This is OLD NEWS
Authored by: daveschroeder on Feb 11, '05 01:17:01PM

There is nothing "to this". This is a super old SSH attack that has been going around for almost a year. It simply tries username/password pairs for common first names and common role accounts. You are NOT VULNERABLE to this attack if you have strong passwords set on your account(s).

Also, there are HUNDREDS of hosts that are probably running scripts like these, right now, and many more that have been compromised over time. So while interesting, knowing the source is not valuable on a general scale. They're just other compromised machines themselves (usually).

Now, yes, it's good to secure your machine as much as possible. But ordinary Mac OS X users who have ssh enabled with decent passwords will NOT be vulnerable to this attack. You might have dozens, hundreds, or even thousands of these log entries. We see this ALL THE TIME on all of our UNIX servers; it's nothing new and nothing to worry about if you have good password security.



[ Reply to This | # ]