[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Abuse complaints about brute forceing via ssh

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Abuse complaints about brute forceing via ssh
From: grarpamp <grarpamp@xxxxxxxxx>
Date: Sun, 1 Jan 2012 23:36:13 -0500
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 01 Jan 2012 23:36:28 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=j0ZwTXSoOVneSRqOn0G+fYG+7LzZbWyGrm0UGpVOMzo=; b=tWN44iHynG7Wnc9BV5apZ+hFqAY3vQHmegSzMNS4El1kefVIRx2PalgPTCQKuViJx8 CXdIIUxdEAUmNZT/yGNgzwpKoUC3AQGYoi1UDkr299qiQqfM27e8cwDkC5sQqVzxGig1 DSVq7NTxEvY39sUBx7HNlT39ejXrqP7dy5LDE=
In-reply-to: <CAJdkzEMSHaPBy5mK0+JPhtyiYr_sp1SAK=GjiSbfWQCERh93eA@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-relays>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for support and questions about running Tor relays \(exit, non-exit, bridge\)." <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <201112310759.45115.klaus.layer@xxxxxx> <CAJdkzEOhw+nsNGNrf34jxKwbL5_xuL9yk4Ve+uqv-zS1LvcNCw@xxxxxxxxxxxxxx> <CAJdkzEMSHaPBy5mK0+JPhtyiYr_sp1SAK=GjiSbfWQCERh93eA@xxxxxxxxxxxxxx>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx

This 'attack' has been going on for YEARS. Nobody's really getting
shells (well some are), just dictionaried. The problem is that
OpenSSH logs this by default and people freak out when they
see it in their logs. It's just background noise. Real admins
tune it out and use ssh keys instead.
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] Abuse complaints about brute forceing via ssh
  - From: cmeclax-sazri

Prev by Author: Re: [tor-relays] This is what you get....compile problem OSX10.4
Next by Author: Re: [tor-relays] planned downtime
Next by thread: Re: [tor-relays] Abuse complaints about brute forceing via ssh
Index(es):
- Author
- Thread