brute force ssh attack
Nigel Wade
nmw at ion.le.ac.uk
Fri Apr 29 14:26:05 UTC 2005
Aleksandar Milivojevic wrote:
> Matthew Miller wrote:
>
>> On Wed, Apr 27, 2005 at 10:56:38AM -0500, Aleksandar Milivojevic wrote:
>>
>>>> there are numerous brute force ssh attacks in the web. I was quite
>>>> curious, and for fun, I created the typical user accounts and set
>>>> easy to guess passwords....
>>>
>>>
>>> Generally, very bad idea. Unless you know exactly what you are
>>> doing, which you obviously don't.
>>
>>
>>
>> What's the harm? I mean, assuming you're planning on doing a limited,
>> controlled experiment?
>
>
> Was it controlled? Was it really limited? Judging from original post,
> I wouldn't be suprised if his entire local network got infected.
Why? I would be very surprised if it was. It requires infected files to be
manually transferred from system to system.
Unless Daniel actually transferred an infected file to another system, or he
has filesystems cross-mounted with write permission I don't see how they
would be infected. Doing either on a system you are testing to see how long
it takes to be compromised would be just as daft as running binaries
installed by a cracker when root...
... Ok, maybe his network is infected.
--
Nigel Wade, System Administrator, Space Plasma Physics Group,
University of Leicester, Leicester, LE1 7RH, UK
E-mail : nmw at ion.le.ac.uk
Phone : +44 (0)116 2523548, Fax : +44 (0)116 2523555
More information about the fedora-list
mailing list