Shared publicly  - 
 
I recently set up a server, and predictably it started seeing brute-force password-guessing attempts on SSH. The host only permits public key authentication, and I also used fail2ban to temporarily block repeat offenders and so stop my logs from being filled up. However, I was curious what attackers were actually doing, so I patched OpenSSH to log the username and password for log-in attempts to invalid users (i.e. all except my user-account). So...
1
Scott Patton's profile photo
 
We see lots of funny stuff on our eCommerce platform...
Add a comment...