HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Smalltalk (http://www.howtoforge.com/forums/forumdisplay.php?f=11)
-   -   Server attacks, where they originate from? (http://www.howtoforge.com/forums/showthread.php?t=23801)

tomde 31st May 2008 22:04

Server attacks, where they originate from?
 
I just a little curious if I'm the only one here, but I feel like i'm not. My web server for me and my friends seems to get tons of port scans and login attacks from china. I literally mean that about 70% of my attacks are from there. They particularly try to brute force my ssh server. Every now and they my router drops a smurf attacks and DoS attacks. I find it extremely annoying. I see there IPs all over the place in my authorization log.
I mean they have never gotten in or done anything successful but I find it really disheartening that they are try to hack me. This is they only thing about administrating my stuff that I don't like, but also find it to be a little bit fun :rolleyes:. I'm glad that they can't get in though, lol.
Now my other question is when do these attacks be come a cybercrime? Right now in my book i find it to be harassment, even from the US quote on quote hackers. So when can I draw the line? Is there a site to report server harassment? I know of cybercrime.gov, but I never had the balls to actually report them. But has anyone here ever done so?
Besides iptables block what else can be done. Oh I also installed fail2ban, however for some strange reason it is not working, so will have to fix it. Right now I'm switching to a ispconfig server :D woot!!

Also to all remember to not use sudo and make sure that remote root logins are disabled!!
You would not believe how many login attempts I have for the root account, lol :eek:

daveb 31st May 2008 23:27

Yes I dont think you are the only one. China machines always trying to take a peek in my servers also.

falko 1st June 2008 11:32

If fail2ban is not working for you, you can use Denyhosts or Blockhosts instead. :)

HostV 3rd June 2008 23:39

Recently revision3 (digg) also got attacked due to DDOS

http://www.downloadsquad.com/2008/05...mediadefender/

Very interesting story

MrStinky 12th August 2008 10:22

i changed my port number to some high number i also had the same annoying buggers trying to get in. Now its nice and calm.


All times are GMT +2. The time now is 13:24.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.