What's new

China Cyberspace Attack

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Chrish

New Around Here
I'm not happy about this... Is there any way to get this person/company in trouble? It's obvious that their trying to hack into whatever they can.

My router logs have been showing an attempt to hack my wireless router.

INFO] Tue Oct 28 21:47:27 2008 Blocked incoming TCP connection request from 222.180.37.14:12200 to 76.109.89.52:6081
[INFO] Tue Oct 28 21:47:27 2008 Blocked incoming TCP connection request from 222.180.37.14:12200 to 76.109.89.52:8000

I tried to RDP into the remote and a windows server login prompt came up.

I've attached the screenshot.
 

Attachments

  • hack.jpg
    hack.jpg
    10.9 KB · Views: 407
Take it easy. It happens all the time, 24/7. It is not about China - the attempts come from all over the world. And in some cases these are computers - zombies, their owners even do not know they have trojans working and used to break in to other computers.

Make sure you have as less as possible open ports and strong passwords on the router and all computers/NASes inside the network. I would also recommend disabling UPnP on the router.

You could also use whois on the IP and find out who the domain owner is, then write an e-mail to him, asking to do smth - do not bother, I have tried. no answer. May be if you phone them, they would do smth.

I also noted that these attacks usually happen when you use bit torrent, or similar. This is the way they get your IP as potential target.
________
Sexy girls
 
Last edited:
Probably not the most legal, but I used to have an "agreement" on my RDP and FTP that basically said, "if you try to log in here you give me permission to do the same to you".

Just for fun sometimes I'd RDP or \\IP\c$ to the offending IP... it was amazing how many were blank passwords, easy passwords, or would drop you right in... sometimes they were servers and the actual hacking software would be running in the background. Some I'm guessing were zombies, I would hope hackers wouldn't be dumb enough to leave their passwords blank while trying to hack others.

In any case, that's what your router is for, don't worry about it... chasing every little access attempt while drive you insane, just make sure things are secure and forget about it... You can also shut off ICMP so port scans looking only for active clients will bypass you...
 
Last edited:

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Top