People still does brute forcing ? - GoFuckYourself.com

cooldude7 · 01-22-2012, 06:50 AM

over ssh
i mean , i dont get it., why the fuck ?

most of the times ip gets blacklisted, and pw are very strong these days., and how many attempts they are gonna do ?

there are less than 0.1% chance that they ll get in to box., but why waste so much time and power.

sixsax · 01-22-2012, 07:02 AM

The success rate grows exponentially as they gain access to more servers that can help gain access to yet another. Once you "own" a large enough network, you start blackmailing big companies, threatening to DDOS their online services. And then... You profit.

cooldude7 · 01-22-2012, 07:20 AM

Quote:

Originally Posted by sixsax

The success rate grows exponentially as they gain access to more servers that can help gain access to yet another. Once you "own" a large enough network, you start blackmailing big companies, threatening to DDOS their online services. And then... You profit.

eek so cheap, why not build affiliate sites and make monies

mafia_man · 01-22-2012, 07:31 AM

Change default port, change default user, block root logins, install fail2ban.

99% problems solved.

Barefootsies · 01-22-2012, 07:50 AM

The short answer is, "yes". People still do it on a daily basis.

pornmasta · 01-22-2012, 12:46 PM

Quote:

Originally Posted by cooldude7

pw are very strong these

why are they strong now and not in the past ?

pornmasta · 01-22-2012, 12:47 PM

http://pastebin.com/ZGXJuQKW a random link at pastebin: January, 12th 2012

oscer · 01-22-2012, 12:56 PM

Change your ssh ports to a non standard setting Or use a firewall

Fabien · 01-22-2012, 01:07 PM

Quote:

Originally Posted by cooldude7

over ssh
i mean , i dont get it., why the fuck ?

most of the times ip gets blacklisted, and pw are very strong these days., and how many attempts they are gonna do ?

there are less than 0.1% chance that they ll get in to box., but why waste so much time and power.

On a new VPS of mine, i get around 5 attempts/da,y that goes over 100 and it's a brand new VPS (5 days old)

cooldude7 · 01-22-2012, 11:40 PM

Quote:

Originally Posted by Fabien

On a new VPS of mine, i get around 5 attempts/da,y that goes over 100 and it's a brand new VPS (5 days old)

on my new box 4 days old, gets 6-7 attempts ,with 800+ tries

CYF · 01-22-2012, 11:45 PM

Quote:

Originally Posted by oscer

Change your ssh ports to a non standard setting Or use a firewall

even better, use ssh public keys.

raymor · 01-23-2012, 05:41 AM

Quote:

Originally Posted by CYF

even better, use ssh public keys.

Keys avoid any possibility of success. A firewall avoids wasting resources on attempts.

A lot of people use strong passwords, a vew use passphrases, but way too many webmasters use "admin admin", "qwerty" and other dumb shit. We get webmaster passwords daily of course and I'd say about 10% are really bad. Use LONG passwords, please.

seeandsee · 01-23-2012, 06:19 AM

they are using bot networks for that, and then they spread, and then they can use it for wahtever reason they want

mafia_man · 01-23-2012, 07:33 AM

Quote:

Originally Posted by raymor

Keys avoid any possibility of success. A firewall avoids wasting resources on attempts.

A lot of people use strong passwords, a vew use passphrases, but way too many webmasters use "admin admin", "qwerty" and other dumb shit. We get webmaster passwords daily of course and I'd say about 10% are really bad. Use LONG passwords, please.

Keys are the best way I just don't trust myself not to lose them.

Barefootsies · 01-23-2012, 08:19 AM

Quote:

Originally Posted by seeandsee

they are using bot networks for that, and then they spread, and then they can use it for wahtever reason they want

More often than not, true dat.

01-22-2012, 06:50 AM	#1
cooldude7 Confirmed User Industry Role: Join Date: Nov 2009 Location: Heaven Posts: 4,306	People still does brute forcing ? over ssh i mean , i dont get it., why the fuck ? most of the times ip gets blacklisted, and pw are very strong these days., and how many attempts they are gonna do ? there are less than 0.1% chance that they ll get in to box., but why waste so much time and power. Last edited by cooldude7; 01-22-2012 at 06:52 AM..

01-22-2012, 07:31 AM	#4
mafia_man Confirmed User Industry Role: Join Date: Jul 2005 Location: icq#: 639544261 Posts: 1,965	Change default port, change default user, block root logins, install fail2ban. 99% problems solved. __________________ I'm out.

01-22-2012, 07:50 AM	#5
Barefootsies Choice is an Illusion Industry Role: Join Date: Feb 2005 Location: Land of Obama Posts: 42,635	The short answer is, "yes". People still do it on a daily basis. __________________ Should You Email Your Members? Link1 \| Link2 \| Link3 Enough Said. "Would you rather live like a king for a year or like a prince forever?"

01-22-2012, 12:56 PM	#8
oscer Confirmed User Industry Role: Join Date: Jan 2001 Location: Baltimore Posts: 2,834	Change your ssh ports to a non standard setting Or use a firewall __________________ XR Networks Dedicated \| VPS \| Shared Hosting ICQ 42602565

01-23-2012, 06:19 AM	#13
seeandsee Check SIG! Industry Role: Join Date: Mar 2006 Location: Europe (Skype: gojkoas) Posts: 50,945	they are using bot networks for that, and then they spread, and then they can use it for wahtever reason they want __________________ BUY MY SIG - 50$/Year Contact here

01-22-2012, 07:02 AM	#2
sixsax Confirmed User Industry Role: Join Date: Aug 2006 Location: Denmark Posts: 213	The success rate grows exponentially as they gain access to more servers that can help gain access to yet another. Once you "own" a large enough network, you start blackmailing big companies, threatening to DDOS their online services. And then... You profit.

01-22-2012, 12:47 PM	#7
pornmasta Too lazy to set a custom title Join Date: Jun 2006 Posts: 19,026	http://pastebin.com/ZGXJuQKW a random link at pastebin: January, 12th 2012