[Honeywall] SSH Brute Force and Sebek Data
cshaffer at gmail.com
Thu Jun 12 17:45:43 EDT 2008
I'll second it.
From: honeywall-bounces at public.honeynet.org
[mailto:honeywall-bounces at public.honeynet.org] On Behalf Of Rob McMillen
Sent: Thursday, June 12, 2008 5:23 PM
To: Mailing list for users and developers of the Honeywall
Subject: Re: [Honeywall] SSH Brute Force and Sebek Data
Hmm.... IRC channel.... How much interest would there in that?
On Thu, Jun 12, 2008 at 9:52 AM, Bjoern Weiland
<bjoern.weiland at rz.uni-karlsruhe.de> wrote:
> Hey guys,
> why do i get tons of sebek data for a simple SSH Brute Force Attempt on my
> machine? This is not only slowing down walleye, it is also a total
> Now I do understand to get tons of flows, as the src port varies, but
> single login attempt is equipped with sebek information, although the
> intruder did not even get in!
> Another thing: is there an IRC channel for people like me to idle in and
> ask occasional questions like this? :)
> -best regards, bjoern
> Honeywall mailing list
> Honeywall at public.honeynet.org
Honeywall mailing list
Honeywall at public.honeynet.org
No virus found in this incoming message.
Checked by AVG.
Version: 8.0.100 / Virus Database: 270.3.0/1500 - Release Date: 6/12/2008
More information about the Honeywall