[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ale] 300,000 failed login attempts in 6 months!!!
- Subject: [ale] 300,000 failed login attempts in 6 months!!!
- From: yahoo at jimpop.com (Jim Popovitch)
- Date: Tue, 19 Aug 2008 18:36:42 -0400
- In-reply-to: <1219184504.27794.2.camel@zest>
- References: <003301c90200$e959c5c0$0301000a@S0030153310> <[email protected]> <1219182293.25674.0.camel@zest> <[email protected]> <1219184504.27794.2.camel@zest>
2008/8/19 Michael B. Trausch <mike at trausch.us>:
> Yes, but it's fairly trivial to detect it on any machine using a
> standard portscan:
>
> Interesting ports on localhost (127.0.0.1):
> 22/tcp open ssh OpenSSH 4.7p1 Debian 8ubuntu1.2 (protocol 2.0)
> 80/tcp open http lighttpd 1.4.19
> 631/tcp open ipp CUPS 1.2
> 5432/tcp open postgresql PostgreSQL DB
> 5900/tcp open vnc VNC (protocol 3.7)
> 8080/tcp open ssh OpenSSH 4.7p1 Debian 8ubuntu1.2 (protocol 2.0)
> 9050/tcp open tor-socks Tor SOCKS Proxy
> Service Info: OS: Linux
That's not a very well secured box if you can determine versions from ports. ;-)
Also, the latency in using nmap to discover ssh via nmap is less than
desirable when there are so many available default installs of ssh
(most of which probably have lame passwords for root)
-Jim P.
-Jim P.