Re: Why do SSH cracking attempts start with "Did not receive identification string"?
From: Robert Waldner (rw_at_coretec.at)
Date: 09/02/05
- Previous message: Gregory Seidman: "Coexistence of Qt3 and Qt4 development (or at least compilation)"
- In reply to: Adam Funk: "Why do SSH cracking attempts start with "Did not receive identification string"?"
- Next in thread: Dave Ewart: "Re: Why do SSH cracking attempts start with "Did not receive identification string"?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: debian-user@lists.debian.org Date: Fri, 02 Sep 2005 13:51:35 +0200
On Fri, 02 Sep 2005 12:24:54 BST, Adam Funk writes:
>Sometimes the interval between "Did not receive" and the first "Failed
>password" is as long as 20 minutes. Why do the SSH cracking programs
>omit the string the first time, and why do they wait a while after
>that to start trying userids and passwords?
Probably becasue at first they do a sweep and look where port 22 is at
least open, before they start with "real" cracking attempts.
cheers,
&rw
-- / Ing. Robert Waldner | Security Engineer | CoreTec IT-Security \ \ <rw@coretec.at> | T +43 1 503 72 73 | F +43 1 503 72 73 x99 /
-- To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
- application/pgp-signature attachment: stored
- Previous message: Gregory Seidman: "Coexistence of Qt3 and Qt4 development (or at least compilation)"
- In reply to: Adam Funk: "Why do SSH cracking attempts start with "Did not receive identification string"?"
- Next in thread: Dave Ewart: "Re: Why do SSH cracking attempts start with "Did not receive identification string"?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
