While cleaning a storage room, our staff found this tape containing #UNIX v4 from Bell Labs, circa 1973
Apparently no other complete copies are known to exist: https://gunkies.org/wiki/UNIX_Fourth_Edition
We have arranged to deliver it to the Computer History Museum
Attached: 1 image Hey! Let's talk about #SSH and #security! If you've ever looked at SSH server logs you know what I'm about to say: Any SSH server connected to the public Internet is getting bombarded by constant attempts to log in. Not just a few of them. A *lot* of them. Sometimes even dozens per second. And this problem is not going away; it is, in fact, getting worse. And attackers' behavior is changing. The graph attached to this post shows the number of attempted SSH logins per day to one of @cloudlab s clusters over a four-year period. It peaks at about 3.4 million login attempts per day. This is part of a study we did on our production system, using logs of more than 640 million login attempts, covering more than 1,500 hosts on our side and observing more than 840 thousand incoming IP addresses. A paper presenting our analysis and a new, highly effective means to block SSH brute force attacks ("Where The Wild Things Are: Brute-Force SSH Attacks In The Wild And How To Stop Them") will be presented next week at #NSDI24 by @[email protected] . The full paper is at https://www.flux.utah.edu/paper/singh-nsdi24 Let's dive in. 🧵
If you're at #NSDI24, we'll have a CloudLab Birds-of-a-Feather meeting on Wednesday at 8:00 (right after the poster session). Come join us in the Alameda Room to talk about CloudLab (and get stickers)!
If you're not familiar with BoF sessions: they're a chance for people with common interests to get together - just show up, no preparation or prior experience with CloudLab required.
If you have a shoe string budget and can't afford a service like @greynoise (and/or you're depending on fail2ban as a preventative control), this Dictionary Based Blocking looks to be very effective.
This research paper has tons of interesting tidbits. Worth the read! Or if you're going to #NSDI24, you can see a presentation by @sachindhke
#infosec #ssh #bruteforce #hacking #research
https://discuss.systems/@ricci/112247553557306560
Attached: 1 image Hey! Let's talk about #SSH and #security! If you've ever looked at SSH server logs you know what I'm about to say: Any SSH server connected to the public Internet is getting bombarded by constant attempts to log in. Not just a few of them. A *lot* of them. Sometimes even dozens per second. And this problem is not going away; it is, in fact, getting worse. And attackers' behavior is changing. The graph attached to this post shows the number of attempted SSH logins per day to one of @cloudlab s clusters over a four-year period. It peaks at about 3.4 million login attempts per day. This is part of a study we did on our production system, using logs of more than 640 million login attempts, covering more than 1,500 hosts on our side and observing more than 840 thousand incoming IP addresses. A paper presenting our analysis and a new, highly effective means to block SSH brute force attacks ("Where The Wild Things Are: Brute-Force SSH Attacks In The Wild And How To Stop Them") will be presented next week at #NSDI24 by @[email protected] . The full paper is at https://www.flux.utah.edu/paper/singh-nsdi24 Let's dive in. 🧵
Hey! Let's talk about #SSH and #security!
If you've ever looked at SSH server logs you know what I'm about to say: Any SSH server connected to the public Internet is getting bombarded by constant attempts to log in. Not just a few of them. A *lot* of them. Sometimes even dozens per second. And this problem is not going away; it is, in fact, getting worse. And attackers' behavior is changing.
The graph attached to this post shows the number of attempted SSH logins per day to one of @cloudlab s clusters over a four-year period. It peaks at about 3.4 million login attempts per day.
This is part of a study we did on our production system, using logs of more than 640 million login attempts, covering more than 1,500 hosts on our side and observing more than 840 thousand incoming IP addresses.
A paper presenting our analysis and a new, highly effective means to block SSH brute force attacks ("Where The Wild Things Are: Brute-Force SSH Attacks In The Wild And How To Stop Them") will be presented next week at #NSDI24 by @sachindhke . The full paper is at https://www.flux.utah.edu/paper/singh-nsdi24
Let's dive in. 🧵
Rob Ricci
Internet Measurement Conf.
CloudLab
Xavier Ashe 
