lala_rawraw
(1000+ posts)
Send PM |
Profile |
Ignore
|
Tue Aug-02-05 11:16 PM
Original message |
Um, wtf - again with the intrusion attempts non-stop??? |
|
MyDD just went down, so did Brad Blog and now I am getting hit non-stop with intrusion attempts... here are the IPS, anyone want s'plain this to me in basic english?
61.253.253.107 211.204.226.32
|
wli
(1000+ posts)
Send PM |
Profile |
Ignore
|
Tue Aug-02-05 11:20 PM
Response to Original message |
1. Korea and Hong Kong, respectively |
|
Crossing national borders is a typical accountability dodge, not necessarily foreign influence.
|
iconoclastic cat
(1000+ posts)
Send PM |
Profile |
Ignore
|
Tue Aug-02-05 11:25 PM
Response to Reply #1 |
3. Are those proxies? I don't recognize them. |
lala_rawraw
(1000+ posts)
Send PM |
Profile |
Ignore
|
Tue Aug-02-05 11:26 PM
Response to Reply #3 |
5. it is why Norton gave me |
|
no clue what they are, but my network connection just went down because it is overloaded with, I think, attack after attack... or who the hell knows. maybe shut off pooter and go to bed? in the morning the cooties will be gone, I hope.
|
iconoclastic cat
(1000+ posts)
Send PM |
Profile |
Ignore
|
Tue Aug-02-05 11:38 PM
Response to Reply #5 |
9. Do yourself a favor and get a small router. They take the load. |
|
not your computer. I have a Belkin 5-port network switch: http://catalog.belkin.com/IWCatSectionView.process?Section_Id=201487My software firewall is on too, but it hasn't registered a single blip in a year now.
|
wli
(1000+ posts)
Send PM |
Profile |
Ignore
|
Tue Aug-02-05 11:32 PM
Response to Reply #3 |
8. you need to portscan them to figure out if they're open proxies |
|
More likely they're zombies, though.
|
drm604
(1000+ posts)
Send PM |
Profile |
Ignore
|
Tue Aug-02-05 11:54 PM
Response to Reply #8 |
|
Edited on Tue Aug-02-05 11:55 PM by drm604
* + 211.204.226.32 |___ 139 NETBIOS Session Service |___ 1025 network blackjack |___ 5000 ?
The other IP, 61.253.253.107, doesn't respond at all. So it doesn't look like they're open proxies (but I'm not sure what's going on at 5000).
Lala, have you been playing online blackjack with a Korean? :)
|
ohio_liberal
(1000+ posts)
Send PM |
Profile |
Ignore
|
Tue Aug-02-05 11:56 PM
Response to Reply #10 |
|
Thanks, I needed a chuckle tonight :)
|
lala_rawraw
(1000+ posts)
Send PM |
Profile |
Ignore
|
Wed Aug-03-05 09:29 AM
Response to Reply #10 |
|
Wait, can you tell me in english what you just said above?
|
drm604
(1000+ posts)
Send PM |
Profile |
Ignore
|
Wed Aug-03-05 02:48 PM
Response to Reply #12 |
|
Have you been using your computing device to play the card game known as "21" by long distance computer networks with a person residing in Korea? :evilgrin:
|
drm604
(1000+ posts)
Send PM |
Profile |
Ignore
|
Wed Aug-03-05 03:04 PM
Response to Reply #13 |
15. Okay, that was unfair |
|
but I couldn't resist. Basically, if there really were intrusion attempts from those IP address then they most likely came directly from those addresses rather than from someone somewhere else redirecting attacks through them. There don't appear to be any open ports, at this time, through which to redirect an attack. Actually I can think of a few possibilities: First, the obvious one, someone was knowingly physically launching the attacks from machines at those IP addresses. Another possibility is that those machines were infected with a trojan or virus which caused them to launch the attack without the knowledge of their owner/operator. One less likely possibility is that at the time of the attack they did have one or more open ports which did allow a redirected attack, then someone noticed what was happening and closed that opening. So I guess what it all comes down to is - I don't know.
|
ohio_liberal
(1000+ posts)
Send PM |
Profile |
Ignore
|
Tue Aug-02-05 11:22 PM
Response to Original message |
|
because of high election traffic, not because of any kind of attack
|
lala_rawraw
(1000+ posts)
Send PM |
Profile |
Ignore
|
Tue Aug-02-05 11:25 PM
Response to Reply #2 |
4. you know me, ever since that first time around |
|
I start going batty when suddenly so many attempts come in. I mean I get none for like a month and then boom boom boom, blah!! sorry to make a fuss... i am stupido for sure-o
|
AuntPatsy
(1000+ posts)
Send PM |
Profile |
Ignore
|
Tue Aug-02-05 11:28 PM
Response to Reply #4 |
6. When your computer was hit last week, so was mine in the same |
|
way yours was, conincidence? There is definately something in play going on here. I would take a nap myself ;-)
|
ohio_liberal
(1000+ posts)
Send PM |
Profile |
Ignore
|
Tue Aug-02-05 11:28 PM
Response to Reply #4 |
|
I've been doing the rounds. dKos and MyDD both went down tonight for a bit because of high traffic. Neither site suspected any foul play
|
me b zola
(1000+ posts)
Send PM |
Profile |
Ignore
|
Wed Aug-03-05 03:03 PM
Response to Original message |
|
Professional hackers who do not wish to be traced, go through Korea.
|
DU
AdBot (1000+ posts) |
Fri Apr 26th 2024, 01:39 AM
Response to Original message |