Reports of higher than normal SSH Attacks - UPDATE
UPDATE:
Thank you to all who reported! Reports are that SSH based attacks are increasing. We will continue to monitor!
---
We have a report of a much greater than the normal noise of SSH based attacks. Anyone else seeing this?
Richard Porter
@packetalien || rporter at isc dot sans dot edu
×
Diary Archives
Comments
Anonymous
Dec 2nd 2013
1 decade ago
Anonymous
Dec 2nd 2013
1 decade ago
Anonymous
Dec 2nd 2013
1 decade ago
We have now 5 to 6 times more sans than before.
Anonymous
Dec 3rd 2013
1 decade ago
61.147.116.62 (Number for CHINANET jiangsu province backbone (AS23650)
42.51.145.13 (CNCGROUP China169 Backbone (AS4837))
61.147.113.107 (Number for CHINANET jiangsu province backbone (AS23650)
61.147.113.93 (Number for CHINANET jiangsu province backbone (AS23650)
61.147.103.4 Number for CHINANET jiangsu province backbone (AS23650)
183.129.197.227 Chinanet (AS4134)
61.147.116.33 Number for CHINANET jiangsu province backbone (AS23650)
61.146.153.209 Chinanet (AS4134)
222.189.239.10 Chinanet (AS4134)
222.175.114.134 Chinanet (AS4134)
182.16.9.50 NETWORK AND SECURITY SOLUTIONS LIMITED (AS45753) HOng Kong
61.55.191.148 CNCGROUP China169 Backbone (AS4837) (China)
95.172.154.80 Closed Joint Stock Company RTComm-Sibir (AS41066) (Russia)
88.198.153.40 Hetzner Online AG (AS24940) (Germany)
212.68.59.191 Hosting Internet Hizmetleri Sanayi ve Ticaret Anonim Sirketi (AS42910)(Turkey)
62.193.238.121 AMEN AMEN DEDICATED (AS48185) (France)
211.167.42.92 INTERWAY BEIJIN TV ENTERPRISE DEVELOPMET FACTION (AS7638) (China)
122.224.6.176 Chinanet (AS4134) (China)
187.115.202.2 Global Village Telecom (AS18881) (Brazil)
180.180.165.180 TOT Public Company Limited (AS9737) (Thailand)
123.125.210.210 CNCGROUP IP network China169 Beijing Province Network (AS4808) (China)
Anonymous
Dec 3rd 2013
1 decade ago