Page 1 of 1

SSH client string "CoreLab-1.0" - a cracker group?

Posted: 2019/05/29 07:50:38
by odysseus
I get break-in attempts on my SSH. Once in a while, I get in the logs a client string called "CoreLab-1.0". I can't find anything related on Google. Is this a cracker group, or just a modified SSH app? *chit chat*

Re: SSH client string "CoreLab-1.0" - a cracker group?

Posted: 2019/05/30 16:54:11
by aks
That could just be the "host identifier"

Re: SSH client string "CoreLab-1.0" - a cracker group?

Posted: 2019/05/30 16:58:14
by avij
My Google seems to work better. Maybe the bad guys are using code from https://www.devart.com/news/2007/sbridge100.html as a tool for their hacking attempts.