this post was submitted on 01 Jan 2022
1 points (100.0% liked)

Hacking

1768 readers
1 users here now

This is the community for all things hacking and cybersecurity, try keeping it legal. That said I don't take any responsibility for anything that happens/comes from this group but I will try being the best mod that I can to prevent anything from happening.

founded 4 years ago
MODERATORS
qarmah@lemmy.ml
1
Does brute-forcing SSH logins for random IPs have a reasonable chance of being profitable for the attackers? (mander.xyz)
submitted 2 years ago* (last edited 2 years ago) by Sal@mander.xyz to c/hacking@lemmy.ml
0 comments fedilink hide all child comments
 

I was looking at my /var/log/auth.log in my personal computer and VPS, and I can see thousands of failed SSH attempts over the past few days. Looking at the attempted logins, I suppose that someone is using a database and trying out common default username/password combinations to attack random IP addresses. I also see that they try this for many different ports.

This approach of attack appears to me to be very very very unlikely to return anything of value. They may as well just try generating bitcoin private keys randomly until they find a wallet with something in it.

Are these 'hackers' just playing the lottery and wasting their resources? Or is this a strategy that somehow works reasonably often?

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here