[Bro] SSH login brute force
hall.692 at osu.edu
Thu Jun 11 10:50:05 PDT 2009
On Jun 11, 2009, at 1:44 PM, Seth Hall wrote:
> Recently, I've been looking through some SSH traces trying to find a
> more refined heuristic because if someone logs in and then logs out
> again right away, it's likely the server will cross the byte count
> threshold and a successful connection will be marked as unsuccessful.
Oops, make that "...will *not* cross the byte count..."
More information about the Bro