Re: [tlug] Debian OpenSSL critical security bug

[Christian Horn <chorn@example.com>]

On Tue, May 20, 2008 at 04:16:44AM +0900, Stephen J. Turnbull wrote:
> Christian Horn writes:
> 
>  > And after 90minutes of bruteforcing rsa-keys i could login from the outside.
> 
> You mean simply with for i in lots of numbers; ssh-keygen key$i; do
> try login with new key; lather; rinse; done?  

Exactly. 
Ok, guessing the username has also to happen, wondering what percentage
of internethosts allows direct root-login via ssh.

> No wonder I've seen a
> sudden increase in traffic from China!  (What I'm seeing is not a
> problem, it's the SYN packets that are being filtered.)

http://stats.denyhosts.net/stats.html
Interestingly its said that debian updated the packages 5 days bevore
the flaw was published, and indeed there is a small peak..


Christian