SSHD_config question

Adam Funk a24061 at ducksburg.com
Fri Aug 15 11:44:58 UTC 2008


On 2008-08-14, NoOp wrote:

>> That being said, if you use real passwords (i.e. longer than 8,
>> include at least more than one case, some numbers and punctuation -
>> definitely not something you can find in a newspaper) you are fine.
>> 
>> If you look at the attempts those ssh bots are trying the passwords
>> are laughably bad.  If you have a laughably bad password then you have
>> issues :-)

> Agree there... (laughably bad password attempts).

>From the log dumps I've seen, they also go through lists of common
forenames as accounts.

The passwords that the bots try don't show up in the logs (of course!)
--- did you use some special honeytrap tool to see what they were?





More information about the ubuntu-users mailing list