Holy SSH Attacks, Batman

There must be some new worm or virus of some sort out there. As you can see if you scroll down a bit, I've written a dictionary defence program. I've been running this on my FreeBSD firewall for quite some time now and the though I've seen a few spikes in number of attacks per day, I've not seen anything like this before. Normally, I block about an average of one or two IPs a day from attacks being run on the 2 machines that I have with exposed SSH. Over this past weekend, I've seen 70 different IPs get busted. Quite a lot of action for a home network.

If anyone is privy to the "new shit" and knows of some new interweb threat, follow up here.

For any that are interested, here is the list of ip addresses:

• 58.26.105.190
• 60.248.155.71
• 62.157.90.26
• 62.225.15.82
• 62.99.253.59
• 63.80.0.241
• 64.172.119.49
• 65.60.121.5
• 67.103.112.92
• 72.244.54.226
• 78.96.220.78
• 80.153.125.224
• 80.201.241.44
• 80.35.244.216
• 81.7.76.88
• 83.103.85.91
• 83.12.137.44
• 83.18.93.50
• 83.208.41.97
• 84.50.26.22
• 85.114.130.83
• 87.106.88.111
• 87.139.14.178
• 89.175.19.243
• 92.67.63.94
• 124.240.124.237
• 124.42.124.87
• 124.81.160.10
• 130.127.235.36
• 131.130.32.36
• 132.252.65.77
• 134.169.164.12
• 134.60.75.129
• 145.253.222.90
• 190.144.38.91
• 190.15.193.42
• 193.111.19.11
• 195.190.125.194
• 195.43.6.6
• 196.212.26.229
• 196.212.96.98
• 200.108.139.37
• 200.110.160.250
• 200.118.119.48
• 200.132.99.3
• 200.171.74.149
• 200.209.6.130
• 200.21.231.45
• 200.241.99.51
• 200.40.203.66
• 200.43.219.134
• 200.52.81.206
• 200.76.176.37
• 202.105.50.136
• 202.133.196.132
• 202.71.216.126
• 207.245.33.81
• 212.66.148.180
• 213.23.175.198
• 213.23.55.162
• 217.112.37.67
• 217.35.80.115
• 217.91.121.237
• 218.106.193.130
• 218.214.37.15
• 218.84.31.129
• 221.179.218.200
• 222.73.37.199