Slashdot Mirror


The Slow Bruteforce Botnet(s) May Be Learning

badger.foo writes "We've seen stories about the slow bruteforcers — we've discussed it here — and based on the data, my colleague Egil Möller was the first to suggest that since we know the attempts are coordinated, it is not too far-fetched to assume that the controlling system measures the rates of success for each of the chosen targets and allocates resources accordingly. (The probes of my systems have slowed in the last month.) If Egil's assumption is right, we are seeing the bad guys adapting. And they're avoiding OpenBSD machines." For fans of raw data, here are all the log entries (3MB) that badger.foo has collected since noticing the slow bruteforce attacks.

2 of 327 comments

  1. Re:Economics by ion.simon.c · Score: 0, Redundant

    Defeating botnets is possible in theory (you need passive fingerprinting and end-system auditing capabilities...

    Hell, you don't need all that! All you *really* need is clueful users! You kids... always goin' around overcomplicating things.

  2. Re:Economics by Opportunist · Score: 0, Redundant

    And while we're at dreaming, how about imagining an internet with users that have a clue?

    Yes, your solutions work in theory. But in theory, communism works, too. I have to work with the stupid and unpleasant reality of the internet.

    Believe me, if I had my way... but that's a totally different story.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.