SSH hacked?

Brian ad44 at
Wed Jan 14 14:15:26 UTC 2009

On Tue 13 Jan 2009 at 19:23:52 -0800, NoOp wrote:

> I think you will find that the existing bots out there will in fact
> eventually pickup your port 22, and the scripts will pass that along to
> other bot machines. The result is sort of like flies drawn to honey;
> eventually multiple bots will start dictionary ssh attempts.

Maybe my bit of the internet is atypical but I've yet to observe this.
Since September 2008 there have been 41,000 attempts to log in via ssh.
Not all from the same host of course but some hang in there and try 400+
username/password combinations. Rather sad really; I doubt they even
get close to a valid username.

If I thought moving sshd off port 22 would reduce the chances of a bot
gaining access to a machine I'd consider doing it.It doesn't so I don't.

More information about the ubuntu-users mailing list