[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: SSH and Telnet ports



Kasimir Gabert schrieb:
> On Sun, Dec 14, 2008 at 11:36 AM, Christopher Davis <loafier@xxxxxxxxx>
> wrote:
>> How practical is SSH password cracking over Tor? Wouldn't the latency 
>> deter attackers?
> I have received about 70 brute force ssh attempts on my Tor node in the
> past month from other exit nodes.  I'm not sure what the pay off is, but
> the attacks are occurring.
Three servers I maintain receive about 60 of those dumb and ridiculous login
attempts per hour. They are not running any Tor relay und are not especially
'big' in terms of number of users or publicity. Clearly, the originator does
not target Tor nodes specifically. ;-) As these logins are coordinated (same
username on 3 machines within the same second), it seems to be some botnet.
Concerning the aspect of using Tor to target others: I would be very surprised
if anyone actually tries to use Tor for this, ordinary botnets of owned
machines are completely sufficient.

Dominik