on Mar 17th, 2008Denied? Let’s try again.
Last week we put a secure FTP server in a DMZ. Its not a “honeypot” FTP server as it does have access control by IP enabled on it. Today I thought it would be entertaining to review the logs from the weekend to see what kind of shananigans went on with it over the last few days. Of course there were attempts to access it by three or four different IP addresses. The entertaining part was the usernames they attempted. There where the usual suspects like root, admin, test, guest, anonymous, etc. How about “bitch” for a username? Gee…I wonder what the password would be for that user? What about CyberJohn? Is that the nickname of Eliot Spitzer? I realize that these were automated attempts but come on. Bitch? Seriously? In case you are wondering the password for bitch was sonofa. You’d think after the 50th time of getting “connection denied by client IP” their automated attempts would be smart enough to stop but they weren’t. The one thing the log review did enlighten me to was the need for complex usernames as well as complex passwords. Kind of scary how close a couple of the attempts were to actual user names.
One of life’s tougher decisions…(Rated R…its just better if its rated R!)