[Eug-lug] source of ssh scanner
larry price
laprice at gmail.com
Wed Aug 25 12:24:19 PDT 2004
On Wed, 25 Aug 2004 11:49:53 -0700 (PDT), Po Petz <po at ciphermonkeys.org> wrote:
> On Wed, 25 Aug 2004, larry price wrote:
>
> > I rather doubt that anyone on this list is using passwords this weak.
>
> You'd also have to be running OpenSSH with "PermitRootLogin yes" for all
> the checkauth("root",,) calls, no?
>
Yes, that's disabled by default in most sshd installs, so it's
probably not a big concern for the average user.

> > I guess I'm mildly surprised at how crude the damn thing is, couldn't
> > they at least use a loadable dictionary?
>
> Some of the scanners that end up in rootkits are pretty pathetic programs
> with library code pasted right in. This one is impressive in that it
> doesn't just call system("/usr/bin/ssh");. :)

Well, no one expects car thieves to be master mechanics.

OTBFAH:
I did think about stripping the passwords out and making a CGI that
would let people test their passwords online... ;-)
--
http://Zoneverte.org -- information explained
Do you know what your IT infrastructure does?