Slashdot Mirror


The "Hail Mary Cloud" Is Growing

badger.foo writes "The Australian rickrolling of jailbroken iPhones only goes to prove that bad passwords are bad for you, Peter Hansteen points out, as he reports on the further exploits of the password-guessing Hail Mary Cloud (which we've discussed in the past). The article contains log data that could indicate that the cloud of distributed, password-guessing hosts is growing. 'With 1767 hosts in the current sample it is likely that we have a cloud of at least several thousand, and most likely no single guessing host in the cloud ever gets around to contacting every host in the target list. The busier your SSH daemon is with normal traffic, the harder it will be to detect the footprint of Hail Mary activity, and likely a lot of this goes undetected.'"

5 of 102 comments

  1. Wet Nuns by byrdfl3w · Score: 5, Funny

    Hail Mary's... Deamons... Rick Astley.. The final battle is closer than we ever imagined.

  2. Re:Put in denyhosts... by Anonymous Coward · Score: 1, Funny

    denyhosts is security through obscurity much like changing the default port for SSH... or so I'm told.

  3. Re:How to ID an Infected Computer by certain death · Score: 1, Funny

    You have a router in front of your iPhone?!? WOW! I have GOT to get that app.

    --
    "My immediate reaction is "WTF? What kind of moron doesn't make things 64-bit safe to begin with?" Linus

  4. Re:Denyhosts by TheRaven64 · Score: 1, Funny

    Yes indeed. You can always make a network-facing daemon that has been heavily audited more secure by putting a Python script between it and the public Internet.

    --
    I am TheRaven on Soylent News

  5. Re:Put in denyhosts... by David Gerard · Score: 3, Funny

    The main role of Denyhosts is to lock you out of your own box if you're using an ssh-based file system, which applies your incorrect password multiple times rather than once. I've spent way too much time going into my hosted box via somewhere else to let myself back in.

    --
    http://rocknerd.co.uk