Since the 24 July, our HoneyNet has reveal increasing SSH brute force attempts. These scans are similar to the previous increasing SSH brute force attemps alert. The source IP addresses are only focusing on the root user.

1 week SIG 2001219 events activities

1 week SIG 2001219 events activities

1 Month TOP 10 source IPs for SIG 2001219

1 Month TOP 10 source IPs for SIG 2001219

You can follow the SSH Brute Force Attempts in our Use Case SUC015 with real time life data’s.

I recommend you to read these related posts

Zemanta