Date: Wed, 26 Oct 2011 19:14:04 +0200 From: peter@bsdly.net (Peter N. M. Hansteen) To: freebsd-questions@freebsd.org Subject: Re: SV: Breakin attempt Message-ID: <87ehxzd6ar.fsf@deeperthought.bsdly.net> In-Reply-To: <000801cc933c$60776520$21662f60$@org> (Admin ValhallaProjectet's message of "Tue, 25 Oct 2011 19:34:35 %2B0200") References: <000801cc933c$60776520$21662f60$@org>
next in thread | previous in thread | raw e-mail | index | archive | help
"Admin ValhallaProjectet" <admin@thorshammare.org> writes: > Probably a bunch of bots. Not very intelligent used. It's a recurring phenomenon, sometimes called the "hail mary cloud" (the odds are overwhelmingly against such things ever succeeding, but they keep trying anyway). > Really messed up my logfiles. I was a bit curious if the purpose > was just that, to mask some more clever real attacks, but haven't > seen any signs of such. > I changed my ssh port, just to reduce the noise, and it all ceased. This round was over a lot quicker than the ealier ones, see eg http://www.bsdly.net/~peter/hailmary/ and the inital blog post about the phenomenon, http://bsdly.blogspot.com/2008/12/low-intensity-distributed-bruteforce.html - Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?87ehxzd6ar.fsf>