• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
cnm

Bots used as password crackers

2 posts in this topic

http://www.infosecurity-us.com/view/5610/bots-used-as-password-crackers/

Microsoft has released data from a honeypot project designed to mimic an FTP server and document dictionary-based password attacks. The project, which involved a network protocol analyzer in Microsoft's Dublin-based malware research lab, found that the majority of the password attacks were automated, and not carried out directly by the attackers.

 

"Most of the probing is done from compromised systems that are connected to a password-protected IRC channel and are waiting for commands", Microsoft said. "One such command is to scan and identify other vulnerable hosts."

 

The average password length tried during an attack was eight characters. The average user name length was six characters. However, the company pointed out that password lengths of up to 29 characters were tried, along with user names of up to 15 characters....

We see something a bit like this ourselves in the server's Exim Rejectlog, where idiot bots keep trying dictionary spam attacks on spywareinfo.org - which actually has no email accounts. :spiteful:

[box]2009-11-30 12:00:42 H=85.166.71-86.rev.gaoland.net (komputeruit) [86.71.166.85]:1676 I=[75.127.110.25]:25 F=<abenaadlam@spywareinfo.org> rejected RCPT <njyumjq5ljy0ljuy960@spywareinfo.org>:

2009-11-30 12:00:42 H=85.166.71-86.rev.gaoland.net (komputeruit) [86.71.166.85]:1688 I=[75.127.110.25]:25 F=<autumnstrattontroupe@frontrunnernetworks.com> rejected RCPT <njyumjq5ljy0ljuy960@spywareinfo.org>:

2009-11-30 12:00:47 H=(ap7cc21f6695c8) [187.22.32.9]:4210 I=[75.127.110.25]:25 F=<adebowalebarnard@spywareinfo.org> rejected RCPT <ntkumtq0ljiumjmz132@spywareinfo.org>:

2009-11-30 12:00:50 H=(ap7cc21f6695c8) [187.22.32.9]:4227 I=[75.127.110.25]:25 F=<resumedd@moseleytechnical.com> rejected RCPT <ntkumtq0ljiumjmz132@spywareinfo.org>:

2009-11-30 12:19:59 H=212-198-160-34.rev.numericable.fr (nom47d5a5b94ad) [212.198.160.34]:1207 I=[75.127.110.25]:25 F=<adannaalice@spywareinfo.org> rejected RCPT <njyumjq5ljy1ljmz273@spywareinfo.org>:

2009-11-30 12:28:43 H=(stefan) [84.19.217.43]:3943 I=[75.127.110.25]:25 F=<adannayabelden@spywareinfo.org> rejected RCPT <w295@spywareinfo.org>:

2009-11-30 12:28:43 H=(stefan) [84.19.217.43]:3944 I=[75.127.110.25]:25 F=<qmrnd@web.de> rejected RCPT <w295@spywareinfo.org>:

2009-11-30 12:31:52 H=(etmail.namliong.com.tw) [210.75.26.89]:41441 I=[75.127.110.25]:25 F=<info@michealdavis.org> rejected RCPT <680@spywareinfo.org>: [/box]and many more, all using very long 'names'..

 

I haven't seen bot email spam attacks on SWI (spywareinfoforum.com).

Share this post


Link to post
Share on other sites

FYI...

 

Do and don’ts for p@$$w0rd$

- http://blogs.technet.com/mmpc/archive/2009/11/27/do-and-don-ts-for-p-w0rd.aspx

November 27, 2009 - "... To check if you have a strong password, you can use Microsoft's password checker ( http://www.microsoft.com/protect/fraud/passwords/checker.aspx )... For additional information regarding passwords you can visit the following links:

Creating passwords - http://www.microsoft.com/protect/fraud/passwords/create.aspx

Maintaining passwords - http://www.microsoft.com/protect/fraud/passwords/secret.aspx ..."

 

:ph34r:

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0