F*cking Asian asshole hackers
 

Straight from the server logs yesterday:

Authentication Failures:
root (220.228.225.34): 564 Time(s)
unknown (220.228.225.34): 92 Time(s)

Every fucking day:

220.228.225.34 Failed password for invalid user clark from
220.228.225.34 Failed password for invalid user jackal from
220.228.225.34 Failed password for invalid user clinton from
etc...

:disgust

http://www.big-boys.com/articles/ghettofight.html

that should make you feel better

Where did you get Asian from....

Hmm.. maybe a little overdone.
Just give me 5 mins with him in a room without windows... I'll let him shit his pants. That would make me happy. :)

220.228.225.34 traced to: adsl-220-228-225-34.BC.sparqnet.net

It looks like the IP address is from Taiwan.

it's everyday.. this is not the worse ...

Invalid Users:
Unknown Account: 12704 Time(s)
Authentication Failures:
unknown (newweb.speedscript.com ): 3001 Time(s)

This is a fucking pharmacy that probably is looking to spam thru others mail servers ....
I mailbomb these guys and DDOS them after I warned their provider, which never answers. I take it as a taxit aknowledgement and permission to do so.

Change your ssh port to something else than default...that'll help...

He's already trying a wide range of ports..Almost every attempt is at a different port.
But thanks for the tip anyway man ! :thumbsup

Join the club :disgust

So let me guess, because they didn't reply your warnings, you decided to take it into your own hands and DDoS them, mailbomb them, etc? Wow you are fucking retarded. Not only is it retarded to do that, but you spout it out here on a public forum. Also, any system connected to the internet gets probed regularly for everything from IIS exploits to SSH login/pass combos.

I agree with DirectFiesta. You email them, you email the ISP.. no response means war. :thumbsup

:1orglaugh :1orglaugh :1orglaugh

or I bend over and take it up the ass ????

No thanks ....

Exactly!

Otherwise , I will have 300 fucking phone calls from clients if one of these pricks compromise one of my boxes ....

yes, this is fucking annoying, there are things you can do in your ssh_config like limit attempts from same IP to 2 times only, or change your port like someone else said...

Blocking more than f.e. 5 attempts from 1 ip looks like a good one to me..
Thanks man !

they don't have anything else to do...happens every day

nice to see you do some threads now dude. :thumbsup

Sometimes the only way!

Hey now let's not have racist remarkson GFY :winkwink:

Let me keep this short and sweet. A security-aware system administrator would not worry about probes, as they should be confident they have there packet filtering and system patches up to date. If you are lacking, that is your fault, not others, idiot.

setup a firewall and block the ip
it could be worse so stop looking at it log attempts and block them before they get in

What's new ...

maybe a firewall :)
or just add in hosts.deny or only allow ssh from YOUR ips :)

Thanks for all tips guys.. :thumbsup

welcome to the internet :)

Its natural thing don't be pissed off...