Hacker News new | past | comments | ask | show | jobs | submit login

These bots you are talking about are not intelligent, they do not find "insecure" servers to break into. They simply brute-force and exploit known bugs on popular services.

There is no botnet targeting web services running on DOS, because no one is running web services on DOS.




>they do not find "insecure" servers to break into. They simply brute-force and exploit known bugs on popular services.

What exactly is the difference?


Finding insecure servers, what human hackers would do, requires persistence, time and a working brain.

Bots, instead, throw shit at a wall and see what sticks. Move your SSH server with credentials root:root on port 1234 and notice how many bots get utterly defeated (only for sake of argument, because OpenSSH has a banner which makes it easy to identify wherever it's running)


>Bots, instead, throw shit at a wall and see what sticks

And once it sticks, an insecure server has been found. A bot is just a tool someone is using.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: