"Amadeus W.M." <amadeus84@xxxxxxxxxxx> writes: > At any rate, I really don't understand why they even bother with brute > force. Do they ever find anything? It is successful enough. Most of the connections you see come from systems that have been infiltrated this way. From what I've been able to tell it is still mostly a manual operation by folks doing it for "bragging rights", but there isn't any reason why it couldn't be automated. Poke around in google for "brutessh.c" and follow some of the links and usernames. My mental picture is a bunch of bored kids that like to brag about how many machines on the net they "own" (eg. have established a presence on). The part that I find fascinating is that brutessh.c was clearly written by someone very new to C programming and bsd/linux/unix in general. At the time, it appears that they didn't even know how to code and loop over a username/password array. It is all open-coded with a long list of repeated subroutine calls submitting each username/password signally. What is amusing is that in spite of the extremely crude code, the overall program works very well. It shows how one clever newbie attacker with a fresh idea can still cause significant damage. -wolfgang -- Wolfgang S. Rupprecht http://www.wsrcc.com/wolfgang/ Hints for IPv6 on FC6 http://www.wsrcc.com/wolfgang/fedora/ipv6-tunnel.html
