Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: InfoSec Handlers Diary Blog - SANS Internet Storm Center InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

SSH Brute Force on Non-Standard Ports

Published: 2012-12-16
Last Updated: 2012-12-16 17:13:03 UTC
by Tony Carothers (Version: 1)
0 comment(s)

One of the Handlers here at the ISC reports seeing an increase in SSH attacks on non-standard ports.  The traffic that is being seen is a brute force SSH attempt, and is more than just a connect, it is providing credentials in attempt to gain access.  If anybody is seeing similar SSH attempts on non-standard ports, we'd love to take a look at any logs or packet captures related to this activity.  These logs and packets can be reached at the "Contact Us" page.

tony d0t carothers --gmail

Keywords: SSH bruteforce
0 comment(s)
Diary Archives