Fuckin foreigners hackers

[daveb47]

Another 800 plus overnight,still going at about 50 per hour.

no sshd (i use non standard high number port)

mostly smtp which get ip blocked after first attempt and i get email,i then block 20 ip each side manually.

Fuckin nuisance i know that.

[inconsistant]

Its the school holidays so they're probably just bored. When something like this happened to us I went round and spoke to their parents, who of course knew nothing about it.

They assured me that they would take appropriate action and sure enough the next day there was a timid knock on the door, an apology, and that was the last we heard of them.

[dieselnutjob]

smtp is pain in the arse

I use greylisting which helps but I think that eventually I will outsource my mx record to googlemail or something

[Partridge]

Its paedophile porn rings trying to use servers to store porn i suspect,lot of it about at moment.

http://news.sky.com/story/1238455/hackers-put-child-abuse-images-on-computers

My security is pretty good,plus fact that i am always checking so should be fine.

Fucking hell. Almost makes me scared to use the internet to be honest. Thank you Dave, for holding the fort so well for us.

[oman5]

all I can remember from the early '80s dawn of widespread home computer programming is

 

10 print "FUCK OFF";

20 goto 10

 

 

does this help?

[FredTransit]

are the attacks linked in any way to the heartbleed bug?

 

http://www.digitaltrends.com/computing/heres-a-list-of-websites-allegedly-affected-by-the-heartbleed-bug/#!DrYRd

 

list of affected sites.....

 

https://github.com/musalbas/heartbleed-masstest/blob/master/top1000.txt

[daveb47]

are the attacks linked in any way to the heartbleed bug?

 

http://www.digitaltrends.com/computing/heres-a-list-of-websites-allegedly-affected-by-the-heartbleed-bug/#!DrYRd

 

list of affected sites.....

 

https://github.com/musalbas/heartbleed-masstest/blob/master/top1000.txt

No Fred,probably just chancers looking for somewhere to store illegal stuff,usuallt paedo stuff nowadays.

Still going btw,over 2000 in last couple of days.

[FredTransit]

bloody ell wot a pain Dave! I thought my old forum having 60 a day was bad....

[daveb47]

They are not trying to access the forum,they are trying to take over the server.

[Guest Breadvan72]

Pinky and the Brain.

[daveb47]

They are at it again,500 plus and counting today so far.

[brickwall]

Wow! Are we that popular lol?

[Spiny Norman]

Hardly 'hackers' surely?

Won't these just be Russian spammers trying to sell us willy embiggening pills and fake iThings?There's no financial advantage to be gained from infiltrating Autoshite, quite the reverse.

 

hWe should try and sell them Cav's mouldy old BX, that'd sow them....

 

When I ran a forum there were hundreds of the fuckers. Looking in the spam logs usually revealed pages and pages of random looking email addresses.

[daveb47]

They are trying to access the server itself,not the forum.

Spammers are fairly easy to counter.

[loserone]

Have you something like fail2ban running? I don't (appear to) have too much trouble with smtp (yet), but it's always a matter of time

 

Oh, just read this part:

 

 

mostly smtp which get ip blocked after first attempt and i get email,i then block 20 ip each side manually.

 

Are you seeing hits from consecutive IPs, or is this just a precaution? 

[Spiny Norman]

Why would hackers want onto a car forum server? There's no money here, no banking details, credit card numbers etc, there are far better things for them to go after, surely?

[daveb47]

They could use the email server to send bulk spam emails,or use the space to store/distribute porn etc.

Or even somewhere to use for terrorist website maybe.Or just to store distribute pirate films or software.

Loads of uses.

Its not a car forum server,its a large server that just happens to host a car forum.

[Jim Bell]

Could I use it to store a broken old car?

That'd keep the hackers out. And I'd pay rent.

[daveb47]

If you can get it there i can probably find space for it on a hard drive..

[Lankytim]

Can't you let them upload it then delete it all? That would piss them off.

[daveb47]

Can't you let them upload it then delete it all? That would piss them off.

Unfortunately they would delete everything on there before changing passwords etc.

I could sort that out in a very short time but i would then have to rebuild board from latest backup.( i back up everything totally twice a day)

But there would be downtime and post losses.

Wont happen tho.

[Bucketeer]

[spike60]

Sorry to hear you're getting so much chew, I can offer no useful advice though. Keep up the good work!

[Lacquer Peel]

Bloody foreign hackers, the worst kind of hackers.

[Mr_Bo11ox]

They come over here undercutting our own hardworking cyber crims and putting undue strain on already scant resources like the Police and Norton anti-virus etc.

[Paul Dupart]

UKIP would sort them!

[daveb47]

Over 1200 attempts at accessing server in past couple of hours,still rising.

[Parky]

Can you trace the attempts back to one particular place or is it all hidden?

 

Maybe we could identify their location and block up their servers with Tagora pictures or something?

[Caffiend]

I don't know if such attempts come associated with originating domain names. If they do, then it would be very very very wrong to go to whois.com, extract any email addresses you can find and sign them up to spamsignup.com (< yes that really exists). So don't* do that.

[daveb47]

All from different ip addressed from multiple countries so no chance of tracing actual ip address

 

Large number of attempts from this IP: 190.187.47.55
Origin Country: Peru (PE)

Large number of attempts from this IP: 180.215.142.144
Origin Country: India (IN)

Large number of attempts from this IP: 188.52.27.50
Origin Country: Saudi Arabia (SA)

Etc so obviously using random proxies

About 1 every second at moment