Chinese hackers

Community Veteran
Posts: 5,357
Thanks: 486
Fixes: 1
Registered: 21-03-2011

Chinese hackers

When I'm feeling bored I'll browse the log file on our servers to spot hackers' attempted intrusions. We have fairly good security and can spot these attempts. In persistent cases we lock out their IP address/range at the firewall. Many of these hack attempts come from China and are relatively unsophisticated in their approach, clearly looking to find servers which are insecure and inadequately patched O/S. They are after the easy low-hanging fruit. We usually report each hack attempt to one of the IP blacklisting sites. There seem to be specific ranges of IP addresses where the majority of the low-grade hacks originate.
The question which comes to mind is why do they reach our servers at all? Surely PlusNet could offer an optional filtering service at the ISP level to stop these bozos?
Now Zen, but a +Net residue.
11 REPLIES
pwatson
Rising Star
Posts: 2,468
Thanks: 8
Fixes: 1
Registered: 26-11-2012

Re: Chinese hackers

They do - They provide a firewall that can be turned on if required...
Community Veteran
Posts: 4,949
Thanks: 359
Fixes: 16
Registered: 10-06-2010

Re: Chinese hackers

The Plusnet broadband firewall would block ports for all IP addresses; there isn't a facility to only block bad IP addresses.
pwatson
Rising Star
Posts: 2,468
Thanks: 8
Fixes: 1
Registered: 26-11-2012

Re: Chinese hackers

Correct - When turned on, access will be blocked, and that therefore solves the problem for the OP. Of course, there are (possibly undesirable) side effects!
Now, if the OP is seriously suggesting that along with filtering outgoing access they should also be responsible for filtering incoming access (i.e. two-way censorship)...

Community Veteran
Posts: 5,357
Thanks: 486
Fixes: 1
Registered: 21-03-2011

Re: Chinese hackers

There are IP lists available listing the common hack sources. It makes sense to have this as a "service" rather than each user maintaining their own service.
Now Zen, but a +Net residue.
Community Veteran
Posts: 3,380
Thanks: 2
Registered: 18-01-2013

Re: Chinese hackers

The last 5 hacking attempts against my server were from (in chronological order):
Brazil
Stockholm
Russia
UK
USA
Oh and one trying to compromise my mail server from a Microsoft direct IP address.
Generally I seem to get them from Russia / Ukraine and China, but there seems to be quite a spread of compromised machines which keep having a pop at my servers.
TORPC
Grafter
Posts: 5,163
Registered: 08-12-2013

Re: Chinese hackers

Here is a list from the past 90 days of what Stop Forum Spam prevents access for
Community Veteran
Posts: 5,357
Thanks: 486
Fixes: 1
Registered: 21-03-2011

Re: Chinese hackers

This website gives an idea of the possible... stopping hackers
Now Zen, but a +Net residue.
pwatson
Rising Star
Posts: 2,468
Thanks: 8
Fixes: 1
Registered: 26-11-2012

Re: Chinese hackers

That appears to be a balanced, factual, coldly analytical and unbiased web site ;)
Gotta love the land of the free!
TORPC
Grafter
Posts: 5,163
Registered: 08-12-2013

Re: Chinese hackers

Google have got a cheek, have they not?
Quote
Google has expressed serious concerns about hacking attempts originating from China.

Does anyone remember when they were driving the streets of the UK & hacked innocent citizens' WiFi usernames / passwords etc.??

If you need to validate email addresses
Here is a good place to start
http://mxtoolbox.com/blacklists.aspx
Community Veteran
Posts: 3,380
Thanks: 2
Registered: 18-01-2013

Re: Chinese hackers

Oops - just had another hacking attempt .......... by the Chinese! :(
TORPC
Grafter
Posts: 5,163
Registered: 08-12-2013

Re: Chinese hackers

This is today's attempts so far.....