I just a little curious if I'm the only one here, but I feel like i'm not. My web server for me and my friends seems to get tons of port scans and login attacks from china. I literally mean that about 70% of my attacks are from there. They particularly try to brute force my ssh server. Every now and they my router drops a smurf attacks and DoS attacks. I find it extremely annoying. I see there IPs all over the place in my authorization log.
I mean they have never gotten in or done anything successful but I find it really disheartening that they are try to hack me. This is they only thing about administrating my stuff that I don't like, but also find it to be a little bit fun
. I'm glad that they can't get in though, lol.
Now my other question is when do these attacks be come a cybercrime? Right now in my book i find it to be harassment, even from the US quote on quote hackers. So when can I draw the line? Is there a site to report server harassment? I know of cybercrime.gov, but I never had the balls to actually report them. But has anyone here ever done so?
Besides iptables block what else can be done. Oh I also installed fail2ban, however for some strange reason it is not working, so will have to fix it. Right now I'm switching to a ispconfig server
Also to all remember to not use sudo and make sure that remote root logins are disabled!!
You would not believe how many login attempts I have for the root account, lol