In this blog post, we will explore how Zeek detects SSH brute forcing. We will first walk through the SSH handshake to understand how it works. Next, I will demonstrate several test cases of Zeek detecting SSH brute forcing. Finally, this post will lay the foundation for implementing active defense controls with Zeek in future posts. […]
Article Link: https://holdmybeersecurity.com/2019/04/17/detecting-ssh-brute-forcing-with-zeek/