A mention elsewhere of the insufferable ssh password guessers has me reprise my "The Hail Mary Cloud and the Lessons Learned" nxdomain.no/~peter/hailm... piece #ssh #passwords #passwordguessing #passwordgroping #endlessh #openbsd #freebsd #pf #packetfilter #security #cybercrime
A mention elsewhere of the insufferable ssh password guessers has me reprise my "The Hail Mary Cloud and the Lessons Learned" nxdomain.no/~peter/hailmary_lessons_... piece, with a not added at the end about endlessh as a possible refinement (yes, I use it) #ssh #passwords […]
Over at LinkedIn, somebody posted the results of putting a Linux server with sshd exposted to the internet for 30 days recently.
In that particular area, not much seems to have changed since the early years of this century when the events chronicled here […]
Possibly not blogworthy, but: One puzzling side effect of running greytrapping (as in nxdomain.no/~peter/eight...) is seeing password guessers using obviously generated gibberish local parts (see nxdomain.no/~peter/shoul...). #greytrapping #passwordguessing #passwordgroping #spamd #ssh #pop3gropers
This is what a #bugbounty hunt looks like, right? nxdomain.no/~peter/20251206_bugbounn... #securityresearch #scriptkiddies #morons #wordpress #passwordgroping
Hm. Over at the facesite I commented on a post about #bruteforce attacks on a commercial network product with a link to nxdomain.no/~peter/badness_enumerate... and got a followup asking whether I have bruteforce protection "in front of" my ssh servers.
And this only hours […]
On a similar note, idle minds might wonder what "luax" is - log excerpt https://nxdomain.no/~peter/who_or_what_is_luax.txt #luax #ssh #sshgropers #passwordgroping #passwordguessing #cybercrime #security
just got to love these:
Oct 4 00:04:31 portal sshd-session[37449]: Failed password for invalid user { from 114.111.54.188 port 49944 ssh2
#ssh #passwords #passwordguessing #passwordgroping #cybercrime #bots
Eighteen Years of Greytrapping - Is the Weirdness Finally Paying Off? nxdomain.no/~peter/eight... (tracked bsdly.blogspot.com/2025/08/eigh...)
#greytrapping #spam #antispam #greylisting #blocklist #openbsd #freebsd #smtp #email #ssh #passwords #passwordgroping #pop3 #security #networking #cybercrime
The long version of why you need key authentication for SSH servers: "The Hail Mary Cloud and the lessons learned" nxdomain.no/~peter/hailm... #ssh #passwordgroping #unix #linux #openbsd #freebsd #pf #packetfilter
Also, The 4th edition of the Book of PF is coming soon: nxdomain.no/~peter/yes_t...
The long version of why you need key authentication for your SSH servers - "The Hail Mary Cloud and the lessons learned" nxdomain.no/~peter/hailmary_lessons_... #ssh #passwordgroping #unix #linux #openbsd #freebsd #pf #packetfilter
Also The 4th edition of the Book of PF is […]
Happy "Logging in as users - [ and $ day" to all who celebrate, nxdomain.no/~peter/blogp...,
also see "The Hail Mary Cloud And The Lessons Learned" nxdomain.no/~peter/hailm... + "Badness, Enumerated by Robots" nxdomain.no/~peter/badne... #ssh #passwordgroping #security #passwords #cybercrime #botnet
Happy "Logging in as users -, [ and $ day" to all who celebrate:
Jul 19 02:02:12 portal sshd-session[88959]: Failed password for invalid user - from 152.42.130.79 port 33738 ssh2
Jul 19 03:00:14 portal sshd-session[79691]: Failed password for invalid user [ from 152.42.130.79 port 41708 ssh2 […]
I wonder what happened here:
May 29 05:19:33 portal sshd-session[12463]: Failed password for invalid user ^ from 196.251.89.193 port 38538 ssh2
no prizes, just puzzled
#ssh #passwordgroping #cybercrime #sshgropers
I wonder what happened here:
May 29 05:19:33 portal sshd-session[12463]: Failed password for invalid user ^ from 196.251.89.193 port 38538 ssh2
no prizes, just puzzled
#ssh #passwordgroping #cybercrime #sshgropers
"I have yet to meet an admin who plausibly claims to never have been tripped up by their overload rules at some point."
read on: nxdomain.no/~peter/hailm...
#ssh #passwords #bruteforce #passwordgroping #cybercrime #openbsd #pf #packetfilter #security #guessablepasswords #hailmary
"I have yet to meet an admin who plausibly claims to never have been tripped up by their overload rules at some point."
More, and a walk down memory lane, in "The Hail Mary Cloud And The Lessons Learned" nxdomain.no/~peter/hailmary_lessons_...
#ssh #passwords #bruteforce […]
So this happened:
Jan 30 03:07:16 skapet sshd-session[94311]: Failed password for invalid user "> from 165.231.182.56 port 15613 ssh2
Ilikely a variant of "gropefor database down" scenario as in nxdomain.no/~peter/so_so... #sshgropers #sshd #passwordguessing #passwordgroping #passwords #cybercrime
