Friends,

It feels like it was in a different century, but at the beginning of the #russia-#ukraine full scale war I speculated that you could predict development in conflict based on the intensity of attempted #cyberattacks, see https://nxdomain.no/~peter/Predicting_developments_in_real_world_conflict_from_patterns_of_failed_logins.html. The data now covers four years.

I ponder whether it's worth using the data (linked in the article) to see how these things correlate.

I'd love to hear your thoughts.

#ssh #passwordguessing #cybercrime #passwordgropers #hailmarycloud

"I have yet to meet an admin who plausibly claims to never have been tripped up by their overload rules at some point."

More, and a walk down memory lane, in "The Hail Mary Cloud And The Lessons Learned" https://nxdomain.no/~peter/hailmary_lessons_learned.html
#ssh #passwords #bruteforce #passwordgroping #cybercrime #openbsd #pf #packetfilter #security #guessablepasswords #hailmary #hailmarycloud

For the Monday morning (CET-ish) set:

I have just updated the article "The Hail Mary Cloud And The Lessons Learned" https://nxdomain.no/~peter/hailmary_lessons_learned.html aka field notes from the forever war against #passwordgropers on #ssh and elsewhere, with loads of more references to newer material and data #slowbrutes #hailmarycloud #bruteforcers #cybercrime

All links to my stuff has (at least) a nontracked option .

[Again for the morning CETish crowd]
I *know* you love #passwordgropers, so given this line in my authlog,

Aug 15 21:43:28 skapet sshd-session[18507]: Failed password for invalid user Can't open lax from 2a02:4780:12:2159::1 port 45854 ssh2

what on earth happened here?

For reference, see the Hail Mary cloud summary (2013) https://nxdomain.no/~peter/hailmary_lessons_learned.html or with G's trackers and nicer formatting https://bsdly.blogspot.com/2013/10/the-hail-mary-cloud-and-lessons-learned.html

#ssh #sshgropers #passwordgropers #hailmarycloud #hailmary