Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Just in time? For what?' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Just in time? For what?
Authored by: daveschroeder on Feb 11, '05 01:20:21PM

This is a **very old** SSH attack. This has been going on for almost a year, and we see it on every machine we administer that has SSH enabled. All it does is try common username/password pairs for names and role accounts. If you have good password security, there is nothing to worry about. Is more security ever bad? Absolutely not; by all means, secure your machine as much as practical. But this is not some kind of "new" attack, and would not compromise any OS X machine in its default configuration with ssh enabled if accounts have reasonable passwords, i.e., not test/test, firstname/firstname, etc. That's all this script does.



[ Reply to This | # ]