Archive for April, 2009
Intruders: Weak SSH credentials
Monday, April 6th, 2009
We will start the series with an example of weak SSH credential exploitation. We put up a Linux server that was deliberately configured to allow remote root login. The root password was also set to something that was likely to be hit by SSH scanners most of the time.
New category added
Sunday, April 5th, 2009
We are starting a new series of blog entries. The category ‘Intruders’ will cover various attacks that take place on the Internet, and we strive to show real-life examples of them.
The number of exploitable machines and services on the Internet is really dazzling and easily counted in tens, if not hundreds, of millions. Some of the attacks aim to spread a piece of malware, while others might be going for a spam cannon. All the entries in this category aim to expose what happens after the actual compromise of the machine.
All the data will be gathered from live systems that are set up solely for this purpose and constantly monitored. This allows us to pull the plug in time to prevent our systems from being used to further compromise other machines.