#bruteforcers — Public Fediverse posts on home.social

Peter N. M. Hansteen @[email protected] · 2025-06-08 · 16:51 UTC

Should I Stop Caring and Let IP Address Reputation Sort Them Out? https://nxdomain.no/~peter/should_i_stop_caring_and_let_ip_reputation_sort_them_out.html

How long does data on misbehaving hosts on the Internet stay relevant in an IP Address Reputation context?

Link to poll within (on for a week, 4 days left, please *do* vote).

#security #passwordguessing #antispam #sshgropers #pop3gropers #blacklists #blocklists #bruteforcers #spam #cybercrime #ipreputation

(repost for the CET-ish crowd, some still in holiday mode, and with graphics of sorts added)

#security #passwordguessing #antispam #sshgropers #pop3gropers #blacklists

Peter N. M. Hansteen @[email protected] · 2024-08-27 · 07:45 UTC

The topic of #ipv6 support came up at work (as it does sometimes) and a colleague asked, how popular is that protocol, really?

My best data source is the bruteforcers+webtrash data (twice hourly dump https://nxdomain.no/~peter/bruteforcers.txt, see https://nxdomain.no/~peter/badness_enumerated_by_robots.html for explanation, alternatively prettified and G-tracked https://bsdly.blogspot.com/2018/08/badness-enumerated-by-robots.html) and it looks like roughly seven percent of the source addresses for undesirable activity are IPv6, the rest old fashioned #IPv4. #passwordguessing #bruteforcers

#ipv6 #ipv4 #passwordguessing #bruteforcers

stf @[email protected] · 2024-06-03 · 16:38 UTC

I was wondering if there is already #GPU #accelerated #bruteforcers for hash-to-curve
https://datatracker.ietf.org/doc/rfc9380/ out there?
and going beyond just "simple" h2c, 2hashdh prf H(pwd, H2c(pwd)^k) seems to be popular, might as well also inquire about their support. #opaque is one case where this is being used.

does anyone know?

#hashcat #johntheripper /cc @epixoip

#gpu #accelerated #bruteforcers #opaque #hashcat #johntheripper

Peter N. M. Hansteen @[email protected] · 2024-02-27 · 14:29 UTC

@pugmiester @mms Thanks for the mention!

The basics are outlined in (at least) https://home.nuug.no/~peter/pf/en/bruteforce.html with some embellishments in https://nxdomain.no/~peter/forcing_the_password_gropers_through_a_smaller_hole.html and links therein (also with nicer formatting but trackers at https://bsdly.blogspot.com/2017/04/forcing-password-gropers-through.html).

And of course The Book of PF (https://nostarch.com/pf3 or reputable bookshops)

#pf #statetracking #bruteforcers #passwordgropers