LongTail shows sshPsycho causes 80% of SSH Brute Force attacks

Submitted by CSG_SurferDude
CSG_SurferDude writes: Marist College in Poughkeepsie, New York, as part of their interest in computer and network security is now hosting LongTail, an ssh brute force attack analyzer. In addition to the standard "What passwords were tried", LongTail also analyzes and compares "Attack Patterns". With over 4 million attacks recorded so far, and over 17 thousand "Attack Patterns" recorded and analyzed, it appears that Cisco and Level 3's recent announcement about sshPsycho (also known as "Group 93") has done nothing to stop their brutal attacks. SshPsycho has control and strong influence over more hosts than are covered by Cisco's announcement. Possibly best of all, the SSH Honeypot AND the analysis tools are released under GPLV2 and are available for BETA testing at GitHub.

Comment: Re:Sort of dumb. (Score 2) 510

by IamTheRealMike (#49615521) Attached to: Recruiters Use 'Digital Native' As Code For 'No Old Folks'

The hardware knowledge argument has become virtually irrelevant in the EC2-world where you can spawn VM pretty much transparently

Right, we forgot, Amazon VMs are magical devices powered by hopes and dreams, rather than CPU cycles like old fashioned "computers" are.

Back here in reality cloud virtual machines are just a shitty containment mechanism that's sort of like an operating system process, only dramatically less efficient. Did you know that Google, not a company exactly famous for lacking clue, doesn't use VMs internally at all? Every internal program runs as a regular operating system process on top of a patched Linux kernel. The system is called Borg and they published a paper on it recently.

Why don't they use VMs, Amazon style? Because VMs suck. Running an entire OS inside another OS just to provide isolation is a great way to waste vast amounts of money and resources. It means sysadmins get to reuse their existing skillset instead of learning some new way of managing software, but that's about it as far as advantages are concerned.

Certainly your Amazon VM will suffer from cache line interference, limited resources, and other things that plague physical devices.

Comment: Re:Who will win? (Score 1) 174

Hardly. AirBnb and PayPal are both good examples of this sort of thing. PayPal got raided a lot and got sent C&D letters by various state regulators when they were rolling out across the USA. Eventually they had to sell to eBay (their primary competitor) to get enough money and political immunity to survive. There's a book about it called the PayPal Wars that goes into more detail on this.

Comment: Re: Why is is the material support provision bad? (Score 1) 121

lol. This is an administration that defines the word "militant" as meaning any male that isn't a child or pensioner. "Material support for terrorism" doesn't mean anything at all, given that the last 15 years have shown governments will happily label anything they don't like as terrorism. Bear in mind the primary roadblock that prevents the UN agreeing on a definition of terrorism is western nations' (i.e. America's) insistence that people who resist foreign occupation of their countries must be considered terrorists, and Arab nations' insistence that they mustn't.

Comment: Re:Goldman Sachs and possible GPL Violations? (Score 3, Insightful) 83

Considering the guy has been convicted of "unlawful duplication", it sounds like Goldman Sachs did not distribute the software in question. They are therefore entitled to incorporate GPL'd code into their software without making the rest of their code public.

Comment: Re:Hostile environments (Score 2) 634

by IamTheRealMike (#49570869) Attached to: How To Increase the Number of Female Engineers

The hostile environment is sometimes present in subtle ways, such as important discussions that occur spontaneously in the men's restroom

Look, if you find your work environment to be hostile then that's entirely your opinion and none of us here can really judge except through what you just wrote.

That said, what you just wrote makes me wonder if I woke up this morning in a parallel universe. Important discussions happening spontaneously in the men's restroom? Seriously?

I have spent my entire life being a man. In this time I can remember exactly zero conversations that took place in the bathroom at work. I have never taken part in one, I have never overheard one happening whilst I've been doing my business there. I do not believe this is some bizarre fluke - there's a strong social convention amongst men that nobody interacts with each other in the restroom. This social convention is only slightly less strong outside the workplace: it's extremely rare for men, even friends, to dawdle or hold a conversation longer than a few sentences in the bathroom. This is one reason why men's bathrooms tend not to have long queues outside them.

In contrast if I had a pound for every time I've been out with a bunch of women and one stood up to say, "I'm going to the bathroom" and suddenly the others all decided they needed to go right at the same time ...... well, I'd be a rich man. The amount of girls-only gossiping that goes on in female bathrooms is ridiculous.

If you seriously believe that men are frequently having important business conversations in toilets then I don't know what to say to you. You either work in an extremely weird office, or you live in a country with radically different social norms, or no such conversations are actually happening but you've already decided you're being excluded somehow and can't figure out how or when, so decided to blame potty breaks. In which case you're just paranoid.

Comment: Re:Soooo.... (Score 4, Insightful) 634

by IamTheRealMike (#49568167) Attached to: How To Increase the Number of Female Engineers

Yes they are making an argument. The author of the article explicitly says:

What does all this show? It shows that the key to increasing the number of female engineers may not just be mentorship programs or child care centers, although those are important. It may be about reframing the goals of engineering research and curriculums to be more relevant to societal needs. It is not just about gender equity — it is about doing better engineering for us all

i.e. engineering that is "socially meaningful" is "better engineering" and by logical implication, the reason women were not signing up before is because engineering had no positive social impact and was somehow not good enough.

This is a load of crap that's highly insulting to men, of course. They're seeing what they want to see in this data: that the reason women don't do high paid engineering work is because of a fault with engineering rather than because of the choices of women. It's a fundamentally biased, feminist perspective.

By the way, despite the name this "Development Engineering" course does not have any prerequisites, like actual training in engineering. Their website says students from any department can apply. So it sounds a lot like they've invented some entirely new course from scratch, called it engineering and are now marketing this as a success for getting women to study tough, high earning subjects. But I see no reason why an employer would desire people with such a qualification.

So here's a different theory: it's just another example of men choosing higher paid work than women. Instead of studying an entirely new subject (specific to one university) which only focuses on very poor parts of the world and thus is likely to have far more constrained earning potential, men choose to do a PhD that has a better chance of letting them pay off their student debt faster (like an actual pure engineering PhD). With fewer men choosing to do the course, the proportion of women rises.

Comment: Re:But it doesn't work (Score 2) 64

There have been multiple leakers from the various US national security industrial complexes since Snowden. It's hard to spot unless you're really paying attention, but it's clear that it's happened several times now - I think we're up to at least three other leakers, all of whom are anonymous. You can tell because the info comes from non-NSA agencies, or the material is dated after Snowden left, or (most subtly of all) the articles don't attribute the source of the leak to Snowden.

So it's not obviously useless. There are people leaking anonymously. Though for obvious reasons they don't tend to shout from the hills about it.
