SSH and Telnet ports
Dominik Schaefer
schaedpq2 at gmx.de
Sun Dec 14 19:48:54 UTC 2008
Kasimir Gabert schrieb:
> On Sun, Dec 14, 2008 at 11:36 AM, Christopher Davis <loafier at gmail.com>
> wrote:
>> How practical is SSH password cracking over Tor? Wouldn't the latency
>> deter attackers?
> I have received about 70 brute force ssh attempts on my Tor node in the
> past month from other exit nodes. I'm not sure what the pay off is, but
> the attacks are occurring.
Three servers I maintain receive about 60 of those dumb and ridiculous login
attempts per hour. They are not running any Tor relay und are not especially
'big' in terms of number of users or publicity. Clearly, the originator does
not target Tor nodes specifically. ;-) As these logins are coordinated (same
username on 3 machines within the same second), it seems to be some botnet.
Concerning the aspect of using Tor to target others: I would be very surprised
if anyone actually tries to use Tor for this, ordinary botnets of owned
machines are completely sufficient.
Dominik
More information about the tor-talk
mailing list