
Hackers from US university just tried to get in

AdvHomeServer

Senior Member
I just had a little fun. We'll see what happens next, if anything.

DD-WRT OpenVPN server provides a verbose log. Included are details of who has tried to hack my router. This list is always busy whenever I look at it. Today some hackers with addresses that tracked back to a US university, UM-Ann Arbor, were noted. Just for grins I emailed the security department of the university with prints of what I found out on the trace. I included a couple of additional addresses from attempts a few minutes earlier.

Edit a few hours later: I received an email reply from another party at UM. This person stated I was a part of a research project by "computer scientists" and included verbiage that I interpreted as lacking precision, to put it delicately. I hope to get additional replies. This will probably make a great article for my web site later when the whole story is available to me. UM is now aware of my web site and my interest in writing about this.

Router logs are interesting things.

Edit next day: this is what they do ... scan and see what they find. Follow-ups and inquiries elsewhere told me that this is a big yawn. Scans happen. Live with it.
 
They are legit. Something to do with monitoring internet-wide TLS/SSL certificate usage and such. Hey Michiganders!
 
You are lucky they even responded to you. When I used to do both small PBXs and wireless routers, the attacks on the PBXs were terrible. And most seem to come from China and Russia. If you ever tried to reply to the owners of the IP ranges with information, it was just a signal to attack you more.
 
 
I get plenty of legitimate scans from colleges. Well... I assume they are by the hostnames and occasional HTTP server hosted by the scanner's IP explaining their project.


If you want a story, set up a honeypot/honeynet, track down those who infect your machine, document everything, then present your findings. You might even discover an unknown exploit or a new virus propagation technique.

lol, I have even run into other researchers when doing this.

One of my favorite related Google Tech Talks is this www.youtube.com/watch?v=2GdqoQJa6r4

I forget the exact quote, but in that video, the security team estimated that during the week that they controlled the botnet, over $7 million worth of financial data alone was logged. I think that was the conservative estimate too.
That was 2009. Imagine how much more powerful botnets are nowadays...
 
