Repeated attacks via SSH

Brett Glass brett at
Sun Oct 2 16:29:23 PDT 2005

At 05:05 PM 10/2/2005, Kevin Day wrote:

>This is pretty common, I'm afraid. SSH scanning with brute force  
>password guessing has gone through the roof in the last 9-12 months,  
>but it's been going on for years.
>We announce a /19 worth of space, and see several hundred ssh  
>connects per second across it. The amount of junk port 22 traffic has  
>exceeded the amount of junk port 25 traffic for us now.

For us, it just did this weekend. Major swarm of bots, mostly from
the UK and eastern Europe. I can't imagine we're alone.

The sudden increase -- and the tactic of harvesting e-mail addresses and 
trying to match them to accounts -- were the reasons I decided to post.
People are going to want to make their security a bit tighter.

Spam, worms, bots.... This Internet thang is sure becoming a cesspool.


More information about the freebsd-security mailing list