On Fri, 13 Jul 2012, Rick Moen <rick@linuxmafia.com> wrote:
(For values of 'attack' approximating twisting a house's front doorknob.)
Anyone who's run a public sshd and noted automated attempts to login using 'joe' account/password combinations will have noticed that the rate of traffic involved is really slow.
http://etbe.coker.com.au/2012/07/09/postfwd-local-email/ I recently had a SMTP AUTH account compromised. It took almost two years and the user-name was test@coker.com.au which would have to be in the top five most guessable addresses in my domain. But I guess the issue with ssh would be whether people get to the next step. I'm sure that sometimes people do the "install openssh-server" step but then get distracted before the "lock it down to only accounts with good passwords" step. -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/