yes, this happened:

Apr 8 23:46:59 skapet sshd-session[69515]: Failed none for invalid user Can't locate List/Util.pm in @INC (you may need to install the List from 175.199.67.164 port 51226 ssh2

(and several times more, of course)
#ssh #bot #botnet #passwordgroping #passwordguessing #sshgropers #cybercrime #security

Background: "Badness, Enumerated by Robots" https://nxdomain.no/~peter/badness_enumerated_by_robots.html and links therein

A kiddie and their script, part N of N!

Mar 9 17:54:52 skapet sshd-session[97161]: Failed password for invalid user %company% from 20.83.3.189 port 17677 ssh2

#scriptkiddies #sshgropers #passwordguessing #cybercrime #ssh #security

And if you need some reading material, https://nxdomain.no/~peter/hailmary_lessons_learned.html (or g-tracked https://bsdly.blogspot.com/2013/10/the-hail-mary-cloud-and-lessons-learned.html)

Friends,

It feels like it was in a different century, but at the beginning of the #russia-#ukraine full scale war I speculated that you could predict development in conflict based on the intensity of attempted #cyberattacks, see https://nxdomain.no/~peter/Predicting_developments_in_real_world_conflict_from_patterns_of_failed_logins.html. The data now covers four years.

I ponder whether it's worth using the data (linked in the article) to see how these things correlate.

I'd love to hear your thoughts.

#ssh #passwordguessing #cybercrime #passwordgropers #hailmarycloud

Over at LinkedIn, somebody posted the results of putting a Linux server with sshd exposted to the internet for 30 days recently.

In that particular area, not much seems to have changed since the early years of this century when the events chronicled here https://nxdomain.no/~peter/hailmary_lessons_learned.html (or if you prefer Big G's trackers, https://bsdly.blogspot.com/2013/10/the-hail-mary-cloud-and-lessons-learned.html) occurred.

#ssh #passwordguessing #rootlogin #weakspaswords #passwordgroping #cybercrime

just got to love these:

Oct 4 00:04:31 portal sshd-session[37449]: Failed password for invalid user { from 114.111.54.188 port 49944 ssh2

#ssh #passwords #passwordguessing #passwordgroping #cybercrime #bots

It's heartwarming to a greying geek that a 5000+ words retrospective on greytrapping is turning out to be popular - https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html (tracked https://bsdly.blogspot.com/2025/08/eighteen-years-of-greytrapping-is.html)

#greytrapping #spam #antispam #greylisting #blocklist #openbsd #freebsd #smtp #email #ssh #passwords #passwordguessing #pop3 #security #networking #cybercrime

It's now been a week since my population of spamtraps rolled past the number of inhabitants in my home country of Norway. Here is the retrospective:

Eighteen Years of Greytrapping - Is the Weirdness Finally Paying Off? https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html (tracked https://bsdly.blogspot.com/2025/08/eighteen-years-of-greytrapping-is.html)

#greytrapping #spam #antispam #greylisting #blocklist #openbsd #freebsd #smtp #email #ssh #passwords #passwordguessing #pop3 #security #networking #cybercrime @nostarch