#passwordguessing — Public Fediverse posts

yes, this happened:

Apr 8 23:46:59 skapet sshd-session[69515]: Failed none for invalid user Can't locate List/Util.pm in @INC (you may need to install the List from 175.199.67.164 port 51226 ssh2

(and several times more, of course)
#ssh #bot #botnet #passwordgroping #passwordguessing #sshgropers #cybercrime #security

Background: "Badness, Enumerated by Robots" https://nxdomain.no/~peter/badness_enumerated_by_robots.html and links therein

yes, this happened:

Apr 8 23:46:59 skapet sshd-session[69515]: Failed none for invalid user Can't locate List/Util.pm in @INC (you may need to install the List from 175.199.67.164 port 51226 ssh2

(and several times more, of course)
#ssh #bot #botnet #passwordgroping #passwordguessing #sshgropers #cybercrime #security

Background: "Badness, Enumerated by Robots" https://nxdomain.no/~peter/badness_enumerated_by_robots.html and links therein

yes, this happened:

Apr 8 23:46:59 skapet sshd-session[69515]: Failed none for invalid user Can't locate List/Util.pm in @INC (you may need to install the List from 175.199.67.164 port 51226 ssh2

(and several times more, of course)
#ssh #bot #botnet #passwordgroping #passwordguessing #sshgropers #cybercrime #security

Background: "Badness, Enumerated by Robots" https://nxdomain.no/~peter/badness_enumerated_by_robots.html and links therein

yes, this happened:

Apr 8 23:46:59 skapet sshd-session[69515]: Failed none for invalid user Can't locate List/Util.pm in @INC (you may need to install the List from 175.199.67.164 port 51226 ssh2

(and several times more, of course)
#ssh #bot #botnet #passwordgroping #passwordguessing #sshgropers #cybercrime #security

Background: "Badness, Enumerated by Robots" https://nxdomain.no/~peter/badness_enumerated_by_robots.html and links therein

yes, this happened:

Apr 8 23:46:59 skapet sshd-session[69515]: Failed none for invalid user Can't locate List/Util.pm in @INC (you may need to install the List from 175.199.67.164 port 51226 ssh2

(and several times more, of course)
#ssh #bot #botnet #passwordgroping #passwordguessing #sshgropers #cybercrime #security

Background: "Badness, Enumerated by Robots" https://nxdomain.no/~peter/badness_enumerated_by_robots.html and links therein

A kiddie and their script, part N of N!

Mar 9 17:54:52 skapet sshd-session[97161]: Failed password for invalid user %company% from 20.83.3.189 port 17677 ssh2

#scriptkiddies #sshgropers #passwordguessing #cybercrime #ssh #security

And if you need some reading material, https://nxdomain.no/~peter/hailmary_lessons_learned.html (or g-tracked https://bsdly.blogspot.com/2013/10/the-hail-mary-cloud-and-lessons-learned.html)

A mention elsewhere of the insufferable ssh password guessers has me reprise my "The Hail Mary Cloud and the Lessons Learned" https://nxdomain.no/~peter/hailmary_lessons_learned.html piece, with a note added at the end about endlessh as a possible refinement (yes, I use it) #ssh #passwords #passwordguessing #passwordgroping #endlessh #openbsd #freebsd #pf #packetfilter #security #cybercrime

A mention elsewhere of the insufferable ssh password guessers has me reprise my "The Hail Mary Cloud and the Lessons Learned" https://nxdomain.no/~peter/hailmary_lessons_learned.html piece, with a note added at the end about endlessh as a possible refinement (yes, I use it) #ssh #passwords #passwordguessing #passwordgroping #endlessh #openbsd #freebsd #pf #packetfilter #security #cybercrime

A mention elsewhere of the insufferable ssh password guessers has me reprise my "The Hail Mary Cloud and the Lessons Learned" https://nxdomain.no/~peter/hailmary_lessons_learned.html piece, with a note added at the end about endlessh as a possible refinement (yes, I use it) #ssh #passwords #passwordguessing #passwordgroping #endlessh #openbsd #freebsd #pf #packetfilter #security #cybercrime

A mention elsewhere of the insufferable ssh password guessers has me reprise my "The Hail Mary Cloud and the Lessons Learned" https://nxdomain.no/~peter/hailmary_lessons_learned.html piece, with a note added at the end about endlessh as a possible refinement (yes, I use it) #ssh #passwords #passwordguessing #passwordgroping #endlessh #openbsd #freebsd #pf #packetfilter #security #cybercrime

A mention elsewhere of the insufferable ssh password guessers has me reprise my "The Hail Mary Cloud and the Lessons Learned" https://nxdomain.no/~peter/hailmary_lessons_learned.html piece, with a note added at the end about endlessh as a possible refinement (yes, I use it) #ssh #passwords #passwordguessing #passwordgroping #endlessh #openbsd #freebsd #pf #packetfilter #security #cybercrime

Over at LinkedIn, somebody posted the results of putting a Linux server with sshd exposted to the internet for 30 days recently.

In that particular area, not much seems to have changed since the early years of this century when the events chronicled here https://nxdomain.no/~peter/hailmary_lessons_learned.html (or if you prefer Big G's trackers, https://bsdly.blogspot.com/2013/10/the-hail-mary-cloud-and-lessons-learned.html) occurred.

#ssh #passwordguessing #rootlogin #weakspaswords #passwordgroping #cybercrime

Over at LinkedIn, somebody posted the results of putting a Linux server with sshd exposted to the internet for 30 days recently.

In that particular area, not much seems to have changed since the early years of this century when the events chronicled here https://nxdomain.no/~peter/hailmary_lessons_learned.html (or if you prefer Big G's trackers, https://bsdly.blogspot.com/2013/10/the-hail-mary-cloud-and-lessons-learned.html) occurred.

#ssh #passwordguessing #rootlogin #weakspaswords #passwordgroping #cybercrime

Over at LinkedIn, somebody posted the results of putting a Linux server with sshd exposted to the internet for 30 days recently.

In that particular area, not much seems to have changed since the early years of this century when the events chronicled here https://nxdomain.no/~peter/hailmary_lessons_learned.html (or if you prefer Big G's trackers, https://bsdly.blogspot.com/2013/10/the-hail-mary-cloud-and-lessons-learned.html) occurred.

#ssh #passwordguessing #rootlogin #weakspaswords #passwordgroping #cybercrime

Over at LinkedIn, somebody posted the results of putting a Linux server with sshd exposted to the internet for 30 days recently.

In that particular area, not much seems to have changed since the early years of this century when the events chronicled here https://nxdomain.no/~peter/hailmary_lessons_learned.html (or if you prefer Big G's trackers, https://bsdly.blogspot.com/2013/10/the-hail-mary-cloud-and-lessons-learned.html) occurred.

#ssh #passwordguessing #rootlogin #weakspaswords #passwordgroping #cybercrime

Over at LinkedIn, somebody posted the results of putting a Linux server with sshd exposted to the internet for 30 days recently.

In that particular area, not much seems to have changed since the early years of this century when the events chronicled here https://nxdomain.no/~peter/hailmary_lessons_learned.html (or if you prefer Big G's trackers, https://bsdly.blogspot.com/2013/10/the-hail-mary-cloud-and-lessons-learned.html) occurred.

#ssh #passwordguessing #rootlogin #weakspaswords #passwordgroping #cybercrime

Possibly not blogworthy, but: One puzzling side effect of running greytrapping (as chronicled in https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html) is seeing the uptick in password guessing using even the obviously generated gibberish local parts, and the sheer volume of tries (see https://nxdomain.no/~peter/should_i_stop_caring_and_let_ip_reputation_sort_them_out.html and links therein). #greytrapping #passwordguessing #passwordgroping #spamd #ssh #pop3gropers

Possibly not blogworthy, but: One puzzling side effect of running greytrapping (as chronicled in https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html) is seeing the uptick in password guessing using even the obviously generated gibberish local parts, and the sheer volume of tries (see https://nxdomain.no/~peter/should_i_stop_caring_and_let_ip_reputation_sort_them_out.html and links therein). #greytrapping #passwordguessing #passwordgroping #spamd #ssh #pop3gropers

Possibly not blogworthy, but: One puzzling side effect of running greytrapping (as chronicled in https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html) is seeing the uptick in password guessing using even the obviously generated gibberish local parts, and the sheer volume of tries (see https://nxdomain.no/~peter/should_i_stop_caring_and_let_ip_reputation_sort_them_out.html and links therein). #greytrapping #passwordguessing #passwordgroping #spamd #ssh #pop3gropers

Possibly not blogworthy, but: One puzzling side effect of running greytrapping (as chronicled in https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html) is seeing the uptick in password guessing using even the obviously generated gibberish local parts, and the sheer volume of tries (see https://nxdomain.no/~peter/should_i_stop_caring_and_let_ip_reputation_sort_them_out.html and links therein). #greytrapping #passwordguessing #passwordgroping #spamd #ssh #pop3gropers

Possibly not blogworthy, but: One puzzling side effect of running greytrapping (as chronicled in https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html) is seeing the uptick in password guessing using even the obviously generated gibberish local parts, and the sheer volume of tries (see https://nxdomain.no/~peter/should_i_stop_caring_and_let_ip_reputation_sort_them_out.html and links therein). #greytrapping #passwordguessing #passwordgroping #spamd #ssh #pop3gropers

On a similar note, idle minds might wonder what "luax" is - log excerpt https://nxdomain.no/~peter/who_or_what_is_luax.txt #luax #ssh #sshgropers #passwordgroping #passwordguessing #cybercrime #security #bots

On a similar note, idle minds might wonder what "luax" is - log excerpt https://nxdomain.no/~peter/who_or_what_is_luax.txt #luax #ssh #sshgropers #passwordgroping #passwordguessing #cybercrime #security #bots

On a similar note, idle minds might wonder what "luax" is - log excerpt https://nxdomain.no/~peter/who_or_what_is_luax.txt #luax #ssh #sshgropers #passwordgroping #passwordguessing #cybercrime #security #bots

On a similar note, idle minds might wonder what "luax" is - log excerpt https://nxdomain.no/~peter/who_or_what_is_luax.txt #luax #ssh #sshgropers #passwordgroping #passwordguessing #cybercrime #security #bots

On a similar note, idle minds might wonder what "luax" is - log excerpt https://nxdomain.no/~peter/who_or_what_is_luax.txt #luax #ssh #sshgropers #passwordgroping #passwordguessing #cybercrime #security #bots

just got to love these:

Oct 4 00:04:31 portal sshd-session[37449]: Failed password for invalid user { from 114.111.54.188 port 49944 ssh2

#ssh #passwords #passwordguessing #passwordgroping #cybercrime #bots

just got to love these:

Oct 4 00:04:31 portal sshd-session[37449]: Failed password for invalid user { from 114.111.54.188 port 49944 ssh2

#ssh #passwords #passwordguessing #passwordgroping #cybercrime #bots

just got to love these:

Oct 4 00:04:31 portal sshd-session[37449]: Failed password for invalid user { from 114.111.54.188 port 49944 ssh2

#ssh #passwords #passwordguessing #passwordgroping #cybercrime #bots

just got to love these:

Oct 4 00:04:31 portal sshd-session[37449]: Failed password for invalid user { from 114.111.54.188 port 49944 ssh2

#ssh #passwords #passwordguessing #passwordgroping #cybercrime #bots

just got to love these:

Oct 4 00:04:31 portal sshd-session[37449]: Failed password for invalid user { from 114.111.54.188 port 49944 ssh2

#ssh #passwords #passwordguessing #passwordgroping #cybercrime #bots

It's heartwarming to a greying geek that a 5000+ words retrospective on greytrapping is turning out to be popular - https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html (tracked https://bsdly.blogspot.com/2025/08/eighteen-years-of-greytrapping-is.html)

#greytrapping #spam #antispam #greylisting #blocklist #openbsd #freebsd #smtp #email #ssh #passwords #passwordguessing #pop3 #security #networking #cybercrime

It's now been a week since my population of spamtraps rolled past the number of inhabitants in my home country of Norway. Here is the retrospective:

Eighteen Years of Greytrapping - Is the Weirdness Finally Paying Off? https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html (tracked https://bsdly.blogspot.com/2025/08/eighteen-years-of-greytrapping-is.html)

#greytrapping #spam #antispam #greylisting #blocklist #openbsd #freebsd #smtp #email #ssh #passwords #passwordguessing #pop3 #security #networking #cybercrime @nostarch

Friends, it finally happened. On August 7th, 2025, the number of spamtraps intended to fool spammers rolled past the number of inhabitants in my home country of Norway. It's time for a retrospective.

Eighteen Years of Greytrapping - Is the Weirdness Finally Paying Off? https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html (tracked https://bsdly.blogspot.com/2025/08/eighteen-years-of-greytrapping-is.html)

#greytrapping #spam #antispam #greylisting #blocklist #openbsd #freebsd #smtp #email #ssh #passwords #passwordguessing #pop3 #security #networking #cybercrime

[Again for those on the other side of the pond] -

Friends, it finally happened. On August 7th, 2025, the number of spamtraps rolled past the number of people in my home country. It's time for a retrospective.

Eighteen Years of Greytrapping - Is the Weirdness Finally Paying Off? https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html (tracked https://bsdly.blogspot.com/2025/08/eighteen-years-of-greytrapping-is.html)

#greytrapping #spam #antispam #greylisting #blocklist #openbsd #freebsd #smtp #email #ssh #passwords #passwordguessing #pop3 #security #networking #cybercrime

Friends, it finally happened. On August 7th, 2025, the number of spamtraps intended to woo the unwary spammer rolled past the number of inhabitants in my home country of Norway. It's time for a retrospective.

Eighteen Years of Greytrapping - Is the Weirdness Finally Paying Off? https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html (tracked https://bsdly.blogspot.com/2025/08/eighteen-years-of-greytrapping-is.html)

#greytrapping #spam #antispam #greylisting #blocklist #openbsd #freebsd #smtp #email #ssh #passwords #passwordguessing #pop3 #security #networking #cybercrime

Eighteen Years of Greytrapping - Is the Weirdness Finally Paying Off? https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html (tracked https://bsdly.blogspot.com/2025/08/eighteen-years-of-greytrapping-is.html)

Friends, it finally happened. On August 7th, 2025, the number of spamtraps intended to woo the unwary spammer rolled past the number of inhabitants in my home country of Norway.

It's time for a retrospective.

#greytrapping #spam #antispam #greylisting #blocklist #openbsd #freebsd #smtp #email #ssh #passwords #passwordguessing #pop3 #security #networking #cybercrime

Eighteen Years of Greytrapping - Is the Weirdness Finally Paying Off? https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html (tracked https://bsdly.blogspot.com/2025/08/eighteen-years-of-greytrapping-is.html)

With the imaginary friends, also known as spamtraps, now more numerous than the inhabitants of their virtual landlord's home country, a greytrapping retrospective is in order.

#greytrapping #spam #antispam #greylisting #blocklist #openbsd #freebsd #smtp #email #ssh #passwords #passwordguessing #pop3 #security #networking #cybercrime

Should I Stop Caring and Let IP Address Reputation Sort Them Out? https://nxdomain.no/~peter/should_i_stop_caring_and_let_ip_reputation_sort_them_out.html

How long does data on misbehaving hosts on the Internet stay relevant in an IP Address Reputation context?

Link to poll within (on for a week, 4 days left, please *do* vote).

#security #passwordguessing #antispam #sshgropers #pop3gropers #blacklists #blocklists #bruteforcers #spam #cybercrime #ipreputation

(repost for the CET-ish crowd, some still in holiday mode, and with graphics of sorts added)

So this happened:

Jan 30 03:07:16 skapet sshd-session[94311]: Failed password for invalid user "> from 165.231.182.56 port 15613 ssh2

I wonder if we are seeing a variant of "gropefor database down, feeding raw html to the ssh gropebot" scenario again such as in https://nxdomain.no/~peter/so_somebody_is_throwing_html_at_your_sshd.html #sshgropers #sshd #passwordguessing #passwordgroping #passwords #cybercrime

Another one for the #ssh #password #groper #blooper reel:

Nov 4 15:24:12 portal sshd-session[16361]: Failed password for invalid user user1!2@3#4$ from 185.11.61.88 port 40254 ssh2

#sshgropers #passwordguessing #cybercrime

(also to be added posthaste, with a domain appended, to the list of imaginary friends at https://nxdomain.no/~peter/traplist.shtml) #spamtraps