this is a W you motherfucker! this is a W you motherfucker!
top about projects my photos rc stuff contact home
News/my blog discussion

Tales of a patched sshd
17/10/2012 Filed in: Programming

Some months back I applied this little patch and recompiled openssh. This patch records incoming login attempts on my ssh server in a convinient logfile; both the username and password. I thought this would be a great way to compile a nice little dictionary with username and passwords for bruteforce attacks. Just for fun of course. I didn't really think I would collect that many attempts. Today... months later I checked this very logfile. This is what I saw;

[root@hyrule ~]# wc -l /var/log/sshd_logged                                                                                                                                                   
138032 /var/log/sshd_logged

  138k of usernames and passwords. That is pretty impressive, if I may say so, considering my relatively low-in-traffic server.

comments powered by Disqus

mysteries dot © 2009-2017 design/code Tobias Westergaard Kjeldsen