[HECnet] Telnet/SSH attacks
Gregg Levine
gregg.drwho8 at gmail.com
Thu Nov 28 19:48:09 PST 2013
Hello!
Interesting problem that one, Sampsa as applied to the Asterisk PBX.
Now the important question, who is or was hosting them? I might know
of them?
A compromised NAS, interesting. It might have been deliberately spun
up that way.....
And I agree with you regarding the drivers license and the server issues.
-----
Gregg C Levine gregg.drwho8 at gmail.com
"This signature fought the Time Wars, time and again."
On Thu, Nov 28, 2013 at 6:27 PM, Sampsa Laine <sampsa at mac.com> wrote:
Took out another 5 or so attackers today, actually reported one Asterisk PBX (weird, right) to their hosting company in the US, figured they are compromised.
All of the hosts I've scanned are basically compromised systems, some poor guys server or the latest one, a NAS unit with all its management ports accessible through the Internet.
I think we'll need some kind of driving license system for running servers at some point, this botnet stuff is just ridiculous :)
sampsa <sampsa at mac.com>
mobile +44 7961 149465
More information about the Hecnet-list
mailing list