Common SSH User Names Based On Authentication Log Attack
Here are some common SSH User Names that have been attacked on one of my Raspberry Pi’s.
I figured I would go ahead and share this with everyone as a way to show what many scanners and brute force attackers are using nowadays.
1 *1111
1 *123
1 *1234
1 *1502
1 *3comcso
1 *adfexc
1 *admin2
1 *Administartor
1 *ADMINISTRATOR
1 *adminstat
1 *adminstrator
1 *adminuser
1 *adminview
1 *ADVMAIL
1 *ajay
1 *anthony
1 *Any
1 *apc
1 *at4400
1 *bciim
1 *bcim
1 *bcms
1 *blue
1 *bot
1 *cablecom
1 *cablemodem
1 *cac_admin
1 *ccrusr
1 *cellit
1 *chico
1 *Cisco
1 *client
1 *cmaker
1 *comcast
1 *corecess
1 *CSG
1 *cusadmin
1 *cust
1 *customer
1 *dadmin
1 *davox
1 *deskalt
1 *deskman
1 *device
1 *dhs3mt
1 *disttech
1 *django
1 *dJET
1 *D-Link
1 *draytek
1 *DTA
1 *dustin
1 *e250
1 *e500
1 *echo
1 *eng
1 *ftp_admi
1 *ftp_oper
1 games
1 *GEN1
1 *GEN2
1 *helpdesk
1 *hsa
1 *hscroot
1 *HTTP
1 *installer
1 *intel
1 *intermec
1 *IntraStack
1 *IntraSwitch
1 *jccurtis
1 *JDE
1 *kermit
1 *l2
1 *l3
1 *locate
1 *LUCENT01
1 *LUCENT02
1 *m1122
1 *mailman
1 *manuf
1 *MDaemon
1 *mediator
1 *MICRO
1 *mlusr
1 *mother
1 *mtcl
1 *naadmin
1 *nagios
1 *nagiosuser
1 *NAU
1 *netopia
1 *netrangr
1 *netscreen
1 *NETWORK
1 *NICONEX
1 *nms
1 *none
1 *operator
1 *orohipo
1 *osmc
1 *PBX
1 *PCUSER
1 *PFCUser
1 *Polycom
1 *PRODDTA
1 *radware
1 *rcust
1 *readonly
1 *reboot
1 *recovery
1 *replicator
1 *RMUser1
1 *router
1 *rw
1 *rwa
1 *scmadmin
1 *service
1 *slim
1 *smc
1 *smtp
1 *SPOOLMAN
1 *storwatch
1 *su
1 *super.super
1 *supervisor
1 *svn
1 *Sweex
1 *SYSDBA
1 *t1na
1 *target
1 *telco
1 *telecomadmin
1 *tellabs
1 *telnet
1 *temp1
1 *test123
1 *tiger
1 *toor
1 *topicalt
1 *topicnorm
1 *topicres
1 *ts3
1 *ubuntu
1 *User
1 *USERID
1 *vcr
1 *VNC
1 *volition
1 *VRR1
1 *vt100
1 *VTech
1 *websecadm
1 *WP
1 *wradmin
1 *xbox
1 *xd
1 *ZXDSL
2 *266344
2 *adela
2 *adminttd
2 *ADMN
2 *anonymous
2 backup
2 *bbsd-client
2 *bcnas
2 *browse
2 *cgadmin
2 *desknorm
2 *deskres
2 *developer
2 *dhs3pms
2 *diag
2 *enquiry
2 *ftp_inst
2 *ftp_nmc
2 *GlobalAdmin
2 *halt
2 *inads
2 *init
2 *install
2 *jeff
2 *monitor
2 *mtch
2 *ncs
2 *netman
2 *op
2 *patrol
2 *poll
2 *public
2 *readwrite
2 *ro
2 *RSBCMON
2 *security
2 *setup
2 *sshusr
2 *superuser
2 *SYSADM
2 *system
2 *teacher
2 *tech
2 *telecom
2 *tiara
2 *ts
2 *webadmin
2 *wlse
2 *write
3 *acc
3 *Admin
3 *alex
3 *christian
3 *info
3 *jack
3 *log
3 *manager
3 *piranha
3 *super
3 *superadmin
3 *superman
3 *sysadmin
3 *ts3srv
3 *xbian
4 *craft
4 david
4 *debug
4 *ftpuser
4 lp
4 *PlcmSpIp
4 *postgres
4 *sebastian
4 sshd
4 *sysadm
4 *teamspeak
5 *bob
5 *cisco
5 *MAIL
5 *oracle
5 *send
6 *a
6 *administrator
6 *maint
6 *vyatta
7 *login
8 *Administrator
8 *default
8 *sales
9 *FIELD
9 *guest
9 *MANAGER
9 *OPERATOR
11 ftp
13 *test
22 *pi
27 *MGR
30 *user
48 *support
51 *ubnt
211 *admin
350 root
Leave A Comment