On Fri, 02 Sep 2005 12:24:54 BST, Adam Funk writes: >Sometimes the interval between "Did not receive" and the first "Failed >password" is as long as 20 minutes. Why do the SSH cracking programs >omit the string the first time, and why do they wait a while after >that to start trying userids and passwords?
Probably becasue at first they do a sweep and look where port 22 is at least open, before they start with "real" cracking attempts. cheers, &rw -- / Ing. Robert Waldner | Security Engineer | CoreTec IT-Security \ \ <[EMAIL PROTECTED]> | T +43 1 503 72 73 | F +43 1 503 72 73 x99 /
pgpijRz66yAax.pgp
Description: PGP signature
