SSH servers under attack

“If you are running any SSH server open to the Internet, and your usernames and passwords aren’t at least 8 characters or so, your box is either owned by now, or about to be.”

A good reason to make regular off-line backups…

No matter how much a hacker destroys a server, with off line backups (eg on a disk) You can get the server back and running in a few day with “almost” no data losses… :slight_smile: :wink:

  • regarding this even if I skipped all the technicallities (I guess this is some sort of flaw recently found…)

I believe anyone running a server with a pass that got less then 8 letters are probably targets to dictionary and brute-force attacks anyway and should really look over their choice of pass… xD