[lug] Attacks Intensifying
Bill Thoen
bthoen at gisnet.com
Thu Oct 28 11:05:49 MDT 2004
On Thu, 28 Oct 2004, Matt Thompson wrote:
> Well, the older root specific version was like this:
>
> http://www.k-otik.com/exploits/08202004.brutessh2.c.php
Intersting... Looks like they aren't even looking at mixed-case ones, and
few (if any) over 8 characters.
Do people really use passwords for root that are as simple
as these? Even the "clever" ones are sort of stupid. (e.g. q1w2e3, a
keyboard pattern, and ib6ub9, a sounds-like-real-words etc.) Maybe P.T.
Barnum was right when he said, "You won't go broke underestimating the
intelligence of the public."
> So, you could take that as a baseline. By now I'm sure some kiddie has
> expanded the dictionary. I'm guessing there isn't a john-like
> number/capital type search since I've only ever gotten around 2000 or so
> attempts a day at its peak. A john-type attack should generate a lot
> more.
What's a john-like attack?
- Bill Thoen
More information about the LUG
mailing list