Author Topic: Someone in China Attacked My Network (Read 1650 times)

Writer The Wolf · May 30, 2018, 11:47:37 PM

I was working on my firewall and I saw a state show up indicating in IP from somewhere in China trying to log into my network over SSH.

Bring on the conspiracies.

Ad Bot · Advertisement

Grimlock� · May 30, 2018, 11:49:26 PM

it was due to Dennis Rodman's Pal's secret order to eradicate as many furries as possible to convince Annoying Orange to reschedule their meeting

xelau · May 30, 2018, 11:50:25 PM

wtf i love Dennis Rodman's Pal now

Conan · May 30, 2018, 11:50:30 PM

power cycle your router maybe, if you havent for a while. there was some recent news about some russian-sourced malware that targeted routers, but can be disrupted/broken by powercycling your router

Darth C3P0� · May 30, 2018, 11:59:18 PM

Dennis Rodman's Pal isnt in china you ding dongs

Grimlock� · May 31, 2018, 12:03:14 AM

Quote from: Darth C3P0� on May 30, 2018, 11:59:18 PM

Dennis Rodman's Pal isnt in china you ding dongs

Your complete and total lack of a sense of humor is showing

SeventhSandwich · May 31, 2018, 12:04:03 AM

attempted network intrusions are extremely common - I have a friend who does cybersecurity for my university and he says it's practically an hourly occurrence

I imagine this isn't a person consciously targeting your network specifically - it's probably a bot

Kumquat · May 31, 2018, 12:04:39 AM

Writer The Wolf · May 31, 2018, 12:10:35 AM

Quote from: Conan on May 30, 2018, 11:50:30 PM

power cycle your router maybe, if you havent for a while. there was some recent news about some russian-sourced malware that targeted routers, but can be disrupted/broken by powercycling your router

There's a dedicated firewall solution between my network and the DSL router/modem (That's where I saw the state record), so I'd be amazed if it was that, not to mention I restart everything on a pretty regular basis.

Quote from: Kumquat on May 31, 2018, 12:04:39 AM

Pffft. My ISP doesn't even support IPv6.

Darth C3P0� · May 31, 2018, 12:14:48 AM

Quote from: Grimlock² on May 31, 2018, 12:03:14 AM

Your complete and total lack of a sense of humor is showing

its pretty obvious it was a loving joke but knowing you, you tend to take me very seriously. if anything, that post was ironic

GreenBH� · May 31, 2018, 04:06:30 AM

Quote from: Darth C3P0� on May 31, 2018, 12:14:48 AM

its pretty obvious it was a loving joke but knowing you, you tend to take me very seriously. if anything, that post was ironic

sorry chinese hackman I'm not falling for your schemes today

Writer The Wolf · May 31, 2018, 07:35:10 AM

I am now actively rejecting SSH traffic for IP ranges of regions from which such traffic may be especially suspicious (China, Russia, India, etc.).

Trying to avoid the "Block the world" approach, and I'm not too worried about a network breach anyway.

Juncoph · May 31, 2018, 07:54:30 AM

tons of bots are designed to automatically spam every valid IP they can come up with in an attempt to find an opening, e.g. a port used for software that has a security flaw in it

going out of your way to block these feeler bots doesn't do much

Aide33 · May 31, 2018, 11:05:38 AM

My external VPS and home network get stufftons of bots trying to use default passwords or whatever.

I assume theres hundreds of chinese people running bots that scan the most common ports(22,23,etc)

My advice would be to port forward your ssh to some arbitrary port like 6273 and filter only IP's from your country if you don't need to connect from abroad

Darth C3P0� · May 31, 2018, 11:14:19 AM

Quote from: GreenBH� on May 31, 2018, 04:06:30 AM

sorry chinese hackman I'm not falling for your schemes today

stuff