Site Sponsor:

mcafee_logo.gif
line

Now Available:

Featured Resource:

line

Realtime Communities

line

Newsletter

Email Address:


line

Monthly Archives

line

RSS

line

Ask the Expert

Have a question for our resident expert? Email your questions to Dan or post a comment to the blog.

« Content Filtering on YouTube | Main | Preventing Data Loss "Accidents" »

Methodical Attacks on SSH

There was recently a jump in attempts to guess login names and passwords on systems running SSH in a number of networks. These attacks weren't exploiting the OpenSSH encryption bug discovered recently but the patterns demonstrate how attackers can use low profile methodical approaches to reduce the chance of locking out accounts.

SecurityFocus reports:


"From the most recent reports I have seen, the attackers have been using either 'low and slow' style attacks to avoid locking out accounts and/or being detected ... (or) using botnets to do a distributed style attack which also is not likely to exceed thresholds common on the network," Scott Fendley, a handler at the SANS Internet Storm Center and university network administrator, wrote in an ISC advisory.

It's worth noting that machines that were compromised were used to set up for botnet communication. Bots begetting bots. With improvements in their obfuscation techniques this type of attack could help grow botnets quickly.

Tags:          
 Email This!  Digg it!  Sphere it!  Del.icio.us  Reddit!  Newsvine

Posted by Dan Sullivan on May 30, 2008 8:14 AM |

TrackBack

TrackBack URL for this entry:
http://www.realtime-websecurity.com/type/mt-tb.cgi/747

Post a comment

(All comments are approved by site leader before appearing here. Thanks for commenting!)

Search

line

Most Active Posts

line

Library Resources

line
line

Recent Posts

line

Categories

line

Latest White Papers

line

Blog Roll

line

Dan Sullivan's Bio:

Dan Sullivan is a systems architect with 20 years of IT experience that includes engagements in enterprise security, application design, and systems architecture. His experience includes a broad range of industries, including financial services, manufacturing, government, retail, gas and oil production, power generation, and education. Dan’s security-related project work has ranged from requirements analysis for enterprise information security to designing and implementing security for database applications and enterprise portals. Dan has written about information security and other enterprise information management topics for Business Security Advisor, DM Review, Intelligent Enterprise, and E-Business Advisor. You can contact Dan at: dan_sullivan@realtimepublishers.net