Non-interactive SSH attacks dominate after login

Anyone who runs a server with SSH exposed to the internet sees the same pattern in the logs. A steady stream of automated scanners tries to log in, hour after hour, from addresses all over the world. The common picture of what comes next has an attacker landing a shell, looking around the system, and typing commands. The reality recorded across eleven research honeypots looks almost nothing like that. Eleven SSH honeypots ran on cloud … More

The post Non-interactive SSH attacks dominate after login appeared first on Help Net Security.

Originally published by Help Net Security.

Read the original article