Uncategorized29 Jul 2014 04:42 pm

I logged on to the Sun box in my basement this evening, looking to test something on a Solaris box, and decided to look at the log files.  In the messages file I see a bunch of errors: “fatal: padding error: need 168 block 16 mod 8”

Yes, I am forwarding SSH from my Internet IP to the Sun box so I can SSH into the server from the Internet.  And apparently, somebody or multiple somebody’s are trying some type of brute force attack on SSH to get into my machine.

I checked the box, and nobody has managed to hack there way in using SSH, but, its amazing that a bad actor out there found the open SSH connection on my home comcast.net IP address, and they are going to town.

Interesting, to think that if they could get into the server, would that be a launch point to root kit that machine, and the MAC’s on my home network, looking for credit card numbers, account ID’s and passwords, PayPal, etc.

There are so many bad actors out there nowadays.  I’m very excited to be going to Black Hat and Def con next week and learning more about the state of cyber security.

 

Comments are closed.