[blog.rayfoo] Infosec, DFIR, tech geekery, thoughts and whatnot

31 Oct 10

Spam comment FAIL

Found this gem in my WordPress spam comment queue.

What blog platform are you using?  I've been looking for a new one, and this seems much cleaner than wordpress.

I really wanted to approve this spam comment just so that I can respond to it :P

20 Oct 09

SSH brute force connection attempts #fail

Collected these over the past few months, reverse chronological order. Seeing different machines attempting to connect hundreds of times a day each is just, wow.

Some might say that an SSH blacklist daemon might help, but it only increases the time taken for a brute force attempt, and is of no use against a botnet trying to brute force the SSH login.

There are plenty of things that can be done to lock down the SSH server, and restricting it to publickey authentication only is by far one of the most effective, considering that the resource (the server) you're protecting is pretty important.
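One way to check the publickey-only restriction described above, as an added example (not code from the original post): a small Python audit of `sshd_config` text. It assumes upstream OpenSSH defaults and sshd's rule that the first value given for a keyword wins, and it evaluates only the global section; the function names and both sample configs are constructed for illustration.

```python
# Added example: audit sshd_config text for publickey-only logins.
# DEFAULTS are upstream OpenSSH defaults (assumption; distro builds may differ).
DEFAULTS = {
    "pubkeyauthentication": "yes",
    "passwordauthentication": "yes",
    "kbdinteractiveauthentication": "yes",
}
# Deprecated alias still common in older configs.
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}


def effective_global_settings(config_text):
    """Return (settings, has_match) for the global section of sshd_config."""
    seen, has_match = {}, False
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.replace("=", " ", 1).split()
        key = ALIASES.get(parts[0].lower(), parts[0].lower())
        if key == "match":
            has_match = True  # Match blocks are conditional; not evaluated here
            break
        if key in DEFAULTS and key not in seen and len(parts) > 1:
            seen[key] = parts[1]  # first value wins, later repeats are ignored
    return {**DEFAULTS, **seen}, has_match


def audit(config_text):
    """List the reasons this config is not restricted to publickey logins."""
    settings, has_match = effective_global_settings(config_text)
    findings = []
    if settings["pubkeyauthentication"] != "yes":
        findings.append("pubkeyauthentication is not enabled")
    for key in ("passwordauthentication", "kbdinteractiveauthentication"):
        if settings[key] != "no":
            findings.append(key + " is not disabled, password guessing still works")
    if has_match:
        findings.append("Match block present: review by hand, it can re-enable passwords")
    return findings


# Constructed samples. In WEAK the later "no" is ignored because the first value wins.
WEAK = "Port 22\nPasswordAuthentication yes\nPasswordAuthentication no\n"
HARDENED = ("PubkeyAuthentication yes\nPasswordAuthentication no\n"
            "ChallengeResponseAuthentication no\n")

if __name__ == "__main__":
    for name, text in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name, audit(text) or "publickey only")
```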