今回はいつものspammerの所属するネットワークの
ip情報から作ったPeerGuardianのlistだけでなく
どういうidとpassでアタックしてくるかの実例を
公開します。
VRTSERVERS Vrtservers, Inc:64.56.64.0-64.56.79.255
VRTSERVERS Vrtservers, Inc:74.222.0.0-74.222.31.255
(guest:guest) from [74.222.3.142]
(sales:sales) from [74.222.3.142]
(postmaster:postmaster) from [74.222.3.142]
(admin:admin) from [74.222.3.142]
(office:office) from [74.222.3.142]
(spam:spam) from [74.222.3.142]
(test:test) from [74.222.3.142]
(guest:guest123) from [74.222.3.142]
(sales:sales123) from [74.222.3.142]
(postmaster:postmaster123) from [74.222.3.142]
(admin:admin123) from [74.222.3.142]
(office:office123) from [74.222.3.142]
(spam:spam123) from [74.222.3.142]
(test:test123) from [74.222.3.142]
(guest:guest12345) from [74.222.3.142]
(sales:sales12345) from [74.222.3.142]
(admin:admin12345) from [74.222.3.142]
(postmaster:postmaster12345) from [74.222.3.142]
(office:office12345) from [74.222.3.142]
(spam:spam12345) from [74.222.3.142]
(test:test12345) from [74.222.3.142]
(guest:12345) from [74.222.3.142]
(sales:12345) from [74.222.3.142]
(postmaster:12345) from [74.222.3.142]
(admin:12345) from [74.222.3.142]
(office:12345) from [74.222.3.142]
(spam:12345) from [74.222.3.142]
(test:12345) from [74.222.3.142]
(guest:qwerty) from [74.222.3.142]
(sales:qwerty) from [74.222.3.142]
(postmaster:qwerty) from [74.222.3.142]
(admin:qwerty) from [74.222.3.142]
(office:qwerty) from [74.222.3.142]
(spam:qwerty) from [74.222.3.142]
こんな感じで総当たりをしてきます。
左がidで右がpassです。コロンで区切った括弧中の。
興味深いのはpassに使われている「qwerty」です。
当然、キーボードの配列順で、その呼び名にも
使われていますが、結局、単純なキーボードの
並びもpassやidとして総当たりに使われて、
これらを使っていた場合には突破される事も
あり得るという事です。
みなさん注意して下さい。
