Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Low-Intensity, Brute-Force Zombies Are Back

Posted by Soulskill on from the password-123456-letmein dept.

Peter N. M. Hansteen writes "In real life, zombies feed off both weak minds and the weak passwords they choose. When the distributed brute-force attempts stopped abruptly after a couple of months of futile pounding on ssh servers, most of us thought they had seen sense and given up. Now, it seems that they have not; they are back. 'This can only mean that there were enough successful attempts at guessing people's weak passwords in the last round that our unknown perpetrators found it worthwhile to start another round. For all I know they may have been at it all along, probing other parts of the Internet ...' The article has some analysis and links to fresh log data."

9 of 203 comments (clear)

  1. Not seeing it yet by MichaelSmith · · Score: 3, Funny

    ...unless they are only attacking from my existing list of blocked IP addresses.

    --
    http://michaelsmith.id.au
  2. Oh... by Perseid · · Score: 5, Funny

    ...you mean zombie PROGRAMS. Damn.

    [puts shotgun down]

  3. I'm safe... by hoytak · · Score: 5, Funny

    I've now changed my password from Thomas to ThomasX, where X is a digit that I'm not telling.

    --
    Does having a witty signature really indicate normality?
    1. Re:I'm safe... by Main+Gauche · · Score: 2, Funny

      pinkie? C'mon, gimme a hint.

    2. Re:I'm safe... by Anonymous Coward · · Score: 1, Funny

      I just cracked it. Very clever using a roman numeral 10 there.

    3. Re:I'm safe... by spartacus_prime · · Score: 5, Funny

      I tried to make my password "penis," but it said it wasn't long enough. :(

      --
      If you can read this, it means that I bothered to log in.
    4. Re:I'm safe... by Phroggy · · Score: 2, Funny

      reference

      --
      $x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
      $x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
  4. Re:why are passwords even allowed? by Anonymous Coward · · Score: 1, Funny

    " I run log-guardian.pl to "3 strikes - you're out" the idiots who do the brute-forces by putting them into iptables"

    Good to know that if I spoof your IP address I'll prevent you from login your own machines.

  5. Re:why are passwords even allowed? by The+Redster! · · Score: 3, Funny

    "aplay -t raw" for the truly over-the-edge!