[Bro] SSH login brute force
adayadil.thomas at gmail.com
Thu Jun 11 08:48:58 PDT 2009
Thanks for the info, Seth
Can you point me to any info/document/link that you may have used for
for e.g. about how you set
authentication_data_size = 5500
I am trying to understand how a brute force attempt can be
distinguished from a normal
client server communication since both are encrypted?
On Thu, Jun 11, 2009 at 11:29 AM, Seth Hall <hall.692 at osu.edu> wrote:
> On Jun 11, 2009, at 10:38 AM, Adayadil Thomas wrote:
>> Does bro detect SSH brute force login attempts?
> My ssh-ext.bro script at the following link does, but it could certainly be improved.
> Seth Hall
> Network Security - Office of the CIO
> The Ohio State University
> Phone: 614-292-9721
More information about the Bro