
Bug#314645: ssh password mappings result



Hi Justin,

Part of what I'd like to (dis)prove is that they are making a 'second
run' from this or another machine to hit the accounts that it believes
are valid...any chance you could keep your testing up for a while?

Thx,

Greg


On Mon, 2005-20-06 at 23:15 -0400, Justin Pryzby wrote:
> Included is a list of usernames and corresponding passwords used in an
> ssh scan I observed.  It indicates to me that it is trying
> statistically common (aka dumb) passwords on common usernames; I see
> no evidence of an attempt to measure timings to discover valid
> accounts.
> 
> Justin
> 
> Starred accounts are invalid users.
> 
> root administrator
> root root
> root rootroot
> root root1
> root 123456
> root 1234567890
> root qwerty
> root administrator1
> root admin
> root backup
> root admin1
> root secure
> root secret
> root passwd
> root password
> root password123
> *admin admin
> *administrator administrator
> root root
> *admin admin
> *test test
> postgres postgres
> *info info123
> *alex alex
> *alex alex123
> *samba samba
> *guest guest
> *webmaster webmaster
> mysql mysql
> *oracle oracle
> *library library
> *info info
> *shell shell
> *linux linux
> *unix unix
> *webadmin webadmin
> *ftp ftp
> *test test123
> root root123
> *admin admin123
> *guest guest123
> *master master
> *apache apache
> root webadmin
> root admin
> root shell
> root linux
> root test
> root webmaster
> root mysql
> *admin root
> *admin administrator
> *admin 12345
> *admin 123456
> root 123456
> root 12345678
> *test test12345
> *test 123456
> *webmaster 123456
> *user user
> *username username
> *username password
> *user password
> root password
> *admin password
> *test password
> root master
> root apache
> root unix
> root redhat
> *danny danny
> *sharon sharon
> *aron aron
> *alex alex
> *brett brett
> *mike mike
> *alan alan
> *data data
> www-data www-data
> *http http
> *httpd httpd
> nobody nobody
> root login
> backup backup
> *info 123456
> *shop shop
> *sales sales
> *web web
> *www www
> *wwwrun wwwrun
> *adam adam
> *stephen stephen
> *richard richard
> *george george
> *michael michael
> *john john
> *david david
> *paul paul
> news news
> *angel angel
> games games
> *pgsql pgsql
> *pgsql pgsql123
> mail mail
> *adm adm
> *ident ident
> *resin resin
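
An added example, not part of the original message: one way to test the two readings above on a log in the same format. It counts how each guess relates to its username and compares how often valid and invalid accounts are returned to in a later burst. The function names and the shortened sample are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the page's format: "user password", with a
# leading "*" marking a username that does not exist on the host.
SAMPLE = """\
root root
root 123456
*admin admin
*test test
postgres postgres
*alex alex123
root root123
*admin admin123
mysql mysql
*guest guest
root password
"""

def parse(text):
    """Yield (user, password, valid) for each attempt line."""
    for line in text.splitlines():
        line = line.lstrip("> ").strip()   # tolerate mail quoting
        if not line:
            continue
        user, _, password = line.partition(" ")
        yield user.lstrip("*"), password.strip(), not user.startswith("*")

def guess_kind(user, password):
    if password == user:
        return "same-as-user"
    if re.fullmatch(re.escape(user) + r"\d+", password):
        return "user+digits"
    return "dictionary"

def summarize(text):
    """Return (guess-kind counts, revisit rate of valid users, of invalid users)."""
    kinds, bursts, valid, prev = defaultdict(int), defaultdict(int), {}, None
    for user, password, ok in parse(text):
        kinds[guess_kind(user, password)] += 1
        valid[user] = ok
        if user != prev:                   # a new burst against this user
            bursts[user] += 1
        prev = user
    revisited = {u for u, n in bursts.items() if n > 1}
    def rate(flag):
        users = [u for u in valid if valid[u] == flag]
        return sum(u in revisited for u in users) / len(users) if users else 0.0
    return dict(kinds), rate(True), rate(False)
```

A revisit rate for valid accounts well above the rate for invalid ones would point toward a targeted second run; similar rates fit a fixed wordlist applied blindly. A sample this small only illustrates the calculation.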




