[tor-talk] SIGAINT email service targeted by 70 bad exit nodes
Michael O Holstein
michael.holstein at csuohio.edu
Thu Apr 23 19:21:39 UTC 2015
>The question to me is: Do they all have something in common? What was the vector of compromise?
>Curiously enough, they all run Debian stable (according to the SSH version string "SSH-2.0->OpenSSH_6.0p1 Debian-4+deb7u2” *ALL* of them spit out on port 22 — no exception!).
FWIW a lot of Rasberry PI devices use that version string.
Cheap embedded devices as chaff?
-Mike.
More information about the tor-talk
mailing list