Maintain a Good Security Posture

Malicious actors are sadly everywhere these days so maintaining a good security posture for servers is essential. Last night I was enjoying watching this Mexican IP – 187.205.205.34 (dsl-187-205-205-34-dyn.prod-infinitum.com.mx) “lifting the door handles”.

You’d hardly call three to four attempts per minute a brute force attack. Perhaps it was to keep “off the radar”. Well that didn’t work… The malicious actor made 154 attempts before giving up (including some duplicate username/password pairs).

I’m still trying to figure out what the end game was, unless his collection of usernames and passwords are actually common.

Anyway. Here’s what was tried:

1. postmaster / password
2. postmaster / P@ssw0rd
3. postmaster / 123456
4. postmaster / postmaster1
5. postmaster / 12345678
6. postmaster / 123456789
7. postmaster / asdfgh
8. postmaster / Postmaster
9. postmaster / qwerty
10. postmaster / qwerty123
11. postmaster / abc123
12. postmaster / abc123456
13. postmaster / pass123
14. postmaster / Postmaster123
15. postmaster / 1q2w3e
16. postmaster / Postmaster123
17. postmaster / POSTMASTER1
18. postmaster / 123qwe
19. postmaster / Postmaster1
20. postmaster / 1q2w3e4r
21. postmaster / POSTMASTER
22. postmaster / qwertyuiop
23. postmaster / POSTMASTER
24. admin / password
25. admin / P@ssw0rd
26. admin / P@ssw0rd
27. admin / 123456
28. admin / admin
29. admin / admin1
30. admin / 12345678
31. admin / Admin
32. admin / asdfgh
33. admin / 123456789
34. admin / qwerty123
35. admin / 654321
36. admin / abc123
37. admin / abc123456
38. admin / Admin123
39. admin / ADMIN1
40. admin / 1q2w3e
41. admin / 1q2w3e4r
42. admin / Admin1
43. admin / 123qwe
44. admin / ADMIN
45. admin / qwertyuiop
46. test / P@ssw0rd
47. test / password
48. test / test
49. test / test123
50. test / test1
51. test / 123456
52. test / 12345678
53. test / asdfgh
54. test / qwerty
55. test / 654321
56. test / qwerty123
57. test / abc123
58. test / abc123456
59. test / Test123
60. test / TEST1
61. test / 1q2w3e
62. test / 1q2w3e4r
63. test / 123qwe
64. test / Test1
65. test / TEST
66. test / qwertyuiop
67. test / qwertyuiop
68. root / password
69. root / P@ssw0rd
70. root / root
71. root / 123456
72. root / 12345678
73. root / 123456789
74. root / asdfgh
75. root / Root
76. root / qwerty
77. root / 654321
78. root / pass123
79. root / abc123456
80. root / 1q2w3e
81. root / Root123
82. root / ROOT1
83. root / ROOT1
84. root / ROOT1
85. root / 1q2w3e4r
86. root / 123qwe
87. root / qwertyuiop
88. root / ROOT
89. backup / password
90. backup / backup
91. backup / 123456
92. backup / backup1
93. backup / backup1
94. backup / backup1
95. backup / backup123
96. backup / Backup
97. backup / 12345678
98. backup / Backup
99. backup / asdfgh
100. backup / 123456789
101. backup / 654321
102. backup / qwerty
103. backup / qwerty123
104. backup / abc123
105. backup / pass123
106. backup / abc123456
107. backup / Backup123
108. backup / 1q2w3e
109. backup / BACKUP1
110. backup / Backup1
111. backup / 1q2w3e4r
112. backup / 123qwe
113. backup / BACKUP
114. backup / qwertyuiop
115. info / P@ssw0rd
116. info / password
117. info / info
118. info / info1
119. info / 123456
120. info / info
121. info / info123
122. info / 12345678
123. info / 123456789
124. info / asdfgh
125. info / qwerty
126. info / 654321
127. info / qwerty123
128. info / abc123
129. info / pass123
130. info / abc123456
131. info / Info123
132. info / 1q2w3e4r
133. info / INFO1
134. info / Info1
135. info / INFO
136. info / qwertyuiop
137. postgres / P@ssw0rd
138. postgres / password
139. postgres / postgres
140. postgres / postgres1
141. postgres / postgres123
142. postgres / asdfgh
143. postgres / Postgres
144. postgres / 123456789
145. postgres / qwerty123
146. postgres / 654321
147. postgres / qwerty
148. postgres / abc123
149. postgres / pass123
150. postgres / abc123
151. postgres / abc123
152. postgres / abc123456
153. postgres / Postgres123
154. postgres / 1q2w3e