New Linux malware brute-forces SSH servers to breach networks
-
A new botnet called 'RapperBot' is being used in attacks since mid-June 2022, focusing on brute-forcing its way into Linux SSH servers to establish a foothold on the device.
"Stick your head in a bucket of... SSHhhhhaving cream, be nice and clean Shave every day and you'll always look keen."
-
A new botnet called 'RapperBot' is being used in attacks since mid-June 2022, focusing on brute-forcing its way into Linux SSH servers to establish a foothold on the device.
"Stick your head in a bucket of... SSHhhhhaving cream, be nice and clean Shave every day and you'll always look keen."
Kent Sharkey wrote:
Stick your head in a bucket of... SSHhhhhaving cream,
Oh my!, it's been A LOT of years since I heard that on Dr. Demento. I think he is still doing a show, he's gotta be up there in years.
"the debugger doesn't tell me anything because this code compiles just fine" - random QA comment "Facebook is where you tell lies to your friends. Twitter is where you tell the truth to strangers." - chriselst "I don't drink any more... then again, I don't drink any less." - Mike Mullikins uncle
-
A new botnet called 'RapperBot' is being used in attacks since mid-June 2022, focusing on brute-forcing its way into Linux SSH servers to establish a foothold on the device.
"Stick your head in a bucket of... SSHhhhhaving cream, be nice and clean Shave every day and you'll always look keen."
:facepalm: Allowing password authentication in SSH is like securing the vault with a ziptie. Secure key exchange is not that hard. And yes, the number of password-based logon attempts on my server has recently gone from about 10 or 20 a day to 500+. If I used port 22 and didn't use fail2ban, I hate to think how many it would be.
Software rusts. Simon Stephenson, ca 1994. So does this signature. me, 2012