[PLUG-TALK] Increased System Probes/Cracking Attempts

Rich Shepard rshepard at appl-ecosys.com
Wed Apr 28 13:18:01 UTC 2010


   Starting yesterday we've been subjected to a flood of cracking attempts
that are rejected by the firewall, about every minute or two. There have
also been several thousand sshd attempts and more than 16K rejected e-mails
yesterday alone. These numbers are much higher than I've seen before.

   The firewall is rejecting the UDP packets, but I get the e-mailed
notification in my inbox when this happens; the sshd cracking attempts are
also rejected. But, it's annoying.

   Has anyone else seen a recent increase in attempts to crack into networks?
Is there anything I can do to discourage these attempts (they come from a
broad range of IP addresses; perhaps all highjacked Windows machines)? I'm
sure that eventually the probes will once again drop down to the very low
normal levels, and I'd like to see that happen sooner rather than later.

Rich




More information about the PLUG-talk mailing list