General discussion


Hackers attack every 39 second

By DanLM ·

Good god, thats depressing. Every 39 seconds. Oi.

The crutz of this article basicatly says they run automated scripts looking for potentional computers to break into, then run brute force scripts. ****, I can attest to that just looking at my logs.

But, every 39 seconds... Sh*ttttttttttttt.


This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

Not good!

by Steffi28 In reply to Hackers attack every 39 s ...

It kinda makes you scared to use your computer for anything important.

Collapse -


by dawgit In reply to Not good!

For that you now MUST use some sort of security measures. On both ends. No options anymore. sad but true. Total encription would be nice, if we could get the restrictions lifted. :_| -d

Collapse -

I caught that too, but

by dawgit In reply to Hackers attack every 39 s ...

I would say it's probably worse at times. By my own very un-scientific figures it has been at times every 12 seconds. :0 (yes, I sat here with a stop watch a year or so ago. Set up an un-securied machine and waited. Holey krap, it was a feeding frenzy.) And I think it has gotten worse too. -d

Collapse -

Did you use a lynix box?

by DanLM In reply to I caught that too, but

I will say this, if you look at that article. They used a lynx box for their testing. I find that really interesting, and here is the reason why.

When I was setting up my original BSD firewall rules on my home machine, I found a post in a forum I go to that suggested firewalling anything that has an OS of dynix because they are usually the most hacked box's because the admins do not set them up correctly. Following that up, I can tell you from watching my block entries in the pflog that this rule probably blocks more attempts then any of my other rules.

I just found that interesting. I would have thought that the OS to block would have been MS.

This is not a bash, this is just an observation.


Collapse -

None taken (by me anyway)

by dawgit In reply to Did you use a lynix box?

The bash part.
No, When I had done my 'test', curiosity actually. I had used a Windows Machine, XP-Home edit. I think. With no protection. (as in firewall, or ext. box) It of course had to be wiped and re-built. (which I knew in advance, and had prepared for.) I had a standard broad-band connection. (at that time was 798 kbs, or some wapping speed at that time) I had been hit, and had heard the statistics. And just wanted to see for myself. It's bad out there. That's no joke.
I have thought of adding another layer to what I already have. ANs was thinking of a set like you described. BSD or SEL, is the two possibles I might consider. So thanks for the input.
Yes I would have though an MS OS would be the most hit also. (but it was the only one I had tried) Maybe it's time for another test, with several OS's, WinXP, Vista, and several Unix/Linux variations. (yea, right, like I have soooo much time ) Good idea though. -d
edited to correct some spelling (big fingers on these little keys again)

Collapse -

What I meant was

by DanLM In reply to None taken (by me anyway)

I block all attempts by lynix os's that try to ssh to my box, no other rule then that. I have other rules in, but that is probably the first/second one in the list of rules. Wack, don't bother looking no further.

Hmmmmmmm, I wonder why they hack these lynix box's for running these scripts. Because lynx doesn't take as much processing power for various daemons like this? ****, that doesn't make any sense. I've looked at a ps -ax on lynx, and can usually tell what is what. But if I look at the task manager in windows, I have no idea what I'm looking at.

Hmmmmm, I still find that interesting. Oh well. Food for thought on a rainy day when the better half isn't home and the cartoons suck.


Collapse -

oh :0 and...

by dawgit In reply to What I meant was

There I went off in totaly different direction. (maybe) I should pay attention a little better. (next time)
It could be that someone (or many) are just looking for Shells to park particular programs (probably not good) for a while. quite common actually. And not always bad. In fact you can rent shells and do egg-drops with-out any problems, it's done all the time. I guess If I (or anyone) were looking for a shell (yes even SSH) and I saw one that happened to be yours, I would be mistaken that it might be open.
Is there some way to mask that so it's not seen? -d

Collapse -


by Cactus Pete In reply to oh :0 and...

Google about for "port knocking".

Related Discussions

Related Forums