[nycbug-talk] new bruteforcing. . .
mhernandez at techally.com
Mon Oct 22 14:34:19 EDT 2007
On Oct 22, 2007, at 2:12 PM, George Rosamond wrote:
> I noticed this happening to some of our boxes last night while tailing
> some logs:
> Anyone else notice this going on?
> It's not really groundbreaking, but the fact that it's in a
> model is somewhat new for ssh and mysql bruteforce zombies.
> Nmaps for OSs are sketchy of course, but seems like mostly Linux
> . . which is somewhat groundbreaking.
Funny you should post this - I was just looking into some brute force
attacks on one of our servers here - did some geobytyes searching and
it looks like a lot are coming from brazil and argentina as well as
germany and hong kong... All of the offenders (according to nmap
anyway) were "unix" machines. Sure are a lot of rooted *nix boxen out
there these days... all over the world apparently.
More information about the talk