SSH client string "CoreLab-1.0" - a cracker group?

A 5 star hangout for overworked and underpaid system admins.
Post Reply
odysseus
Posts: 69
Joined: 2014/09/14 16:55:22

SSH client string "CoreLab-1.0" - a cracker group?

Post by odysseus » 2019/05/29 07:50:38

I get break-in attempts on my SSH. Once in a while, I get in the logs a client string called "CoreLab-1.0". I can't find anything related on Google. Is this a cracker group, or just a modified SSH app? *chit chat*

aks
Posts: 3073
Joined: 2014/09/20 11:22:14

Re: SSH client string "CoreLab-1.0" - a cracker group?

Post by aks » 2019/05/30 16:54:11

That could just be the "host identifier"

User avatar
avij
Retired Moderator
Posts: 3046
Joined: 2010/12/01 19:25:52
Location: Helsinki, Finland
Contact:

Re: SSH client string "CoreLab-1.0" - a cracker group?

Post by avij » 2019/05/30 16:58:14

My Google seems to work better. Maybe the bad guys are using code from https://www.devart.com/news/2007/sbridge100.html as a tool for their hacking attempts.

Post Reply