View previous topic :: View next topic |
Author |
Message |
DaKine Guest
|
Posted: Fri Jan 28, 2005 11:12 pm Post subject: I got hacked |
|
Ok today i went to crackspider.com to get a crack for MIRC and my system just got messed up so i ran adaware se and stuff restarted after a bit my games kept crashing so i reinstalled the games then! i get a black screen with someone that Mesages me with the name Trinity and my name as Neo.. so i shut down my machine and again i got another message.. so i hooked up my router. i am curious on what i can do about this or what this Program is? or how i can get the persons ip or if he could of got any information on my machine. as i have alot of crap on notepad |
|
Back to top |
|
|
OPENSTEP The One
Joined: May 25, 2003 Posts: 4752 Location: Santa Barbara, CA
|
Posted: Sat Jan 29, 2005 9:54 am Post subject: |
|
That's not coming from this machine but from someone else. We're not hackers, rather only their targets, like everyone else. It just sounds like you need to disable the Messenger service. You may want to get XP SP2...or get a Mac
ed |
|
Back to top |
|
|
ss0 Guest
|
Posted: Wed Sep 07, 2005 11:18 am Post subject: knockd |
|
If you are constantly having brute force attempts, I would recomend the use of the knockd daemon. It gives you the ability to not have port 22 (or any other port) which answers ssh available. |
|
Back to top |
|
|
OPENSTEP The One
Joined: May 25, 2003 Posts: 4752 Location: Santa Barbara, CA
|
Posted: Wed Sep 07, 2005 9:01 pm Post subject: |
|
Thanks for the recommendation on knockd. I had heard such a port knocking thing was in development but hadn't realized it'd gotten to a point where it was robust!
While there are still a somewhat frequent number of attempted brute force attacks, they're just troublesome in the sense that they take up bandwidth that could be used for other purposes. The main trinity server is now on private/public key authentication only, so although sshd is still responding to those requests they're really just pesky DoSes and not anything that could ever break through. Perhaps if I throw knockd in as well I wouldn't have to worry about even responding to them
ed |
|
Back to top |
|
|
anube Guest
|
Posted: Tue Nov 22, 2005 3:48 pm Post subject: Empathy |
|
I knew I wasn't alone, but I didn't know how bad it really was. I just recently added my dev server to the DMZ and I'm already listing scores of brute force attemps to get into my system. One of the same things that make the internet great is what makes it such a dangerous place -- anonymity. Can you imagine these same people walking down every neighborhood checking each door to see if it's unlocked?
I'm just glad I'm not running a windows server. It's a little unneverving that there are scores of idiots randomly scanning for would be hosts for the next great internet attack.
I just recently stumbled upon snort.org that is claiming to be the de-facto standard and am planning on giving it a try. Good like with your site! |
|
Back to top |
|
|
Wicked Blue Pill
Joined: Aug 30, 2006 Posts: 1
|
Posted: Wed Aug 30, 2006 6:17 pm Post subject: problems |
|
I was following this forum and I too am having these problems. In fact my website was defaced today. Thankfully they did not toy with anything else. Just to be safe however I restored everything. It sounds like you are doing a decent job at combatting these hackers. I would be interested in learning as far as what disable password login is and such so I can protect my own site more effienciently. As well I am beginning a phpbb module to update user boards with known hacker ips to help prevent access to their boards. This is how I found this site through a google search of hacker ips. I hope to help others by collecting thousands of ips if that is what it takes and have them installed on everyones phpbb. If you do not want to share any of this info on the board please feel free to pm me or email me with the email i signed up with. Thanks
P.S. I would also be interested in hearing what exactly ssh accomplishes in your root directory. Sorry for my newb questions but Im trying to learn..
Fighting for the greater good..
Jason |
|
Back to top |
|
|
ovvldc Captain Naiobi
Joined: Sep 13, 2004 Posts: 2352 Location: Zürich, CH
|
Posted: Sun Jun 17, 2007 2:34 am Post subject: |
|
I just deleted an advertising message by a guest originating from IP 66.56.200.74.
(and for got where the spam reporting thread was, so added it here)
Best wishes,
Oscar _________________ "What do you think of Western Civilization?"
"I think it would be a good idea!"
- Mohandas Karamchand Gandhi |
|
Back to top |
|
|
Samwise Captain Naiobi
Joined: Apr 25, 2006 Posts: 2315 Location: Montpellier, France
|
Posted: Sun Jun 17, 2007 4:02 am Post subject: |
|
For future reference :
Forum spam |
|
Back to top |
|
|
ovvldc Captain Naiobi
Joined: Sep 13, 2004 Posts: 2352 Location: Zürich, CH
|
Posted: Sun Jun 17, 2007 8:39 am Post subject: |
|
Thanks. Sunday morning fogginess kicking in there..
-Oz |
|
Back to top |
|
|
pluby The Architect
Joined: Jun 16, 2003 Posts: 11949
|
Posted: Sun Jun 17, 2007 8:52 am Post subject: |
|
ovvldc wrote: | I just deleted an advertising message by a guest originating from IP 66.56.200.74. |
FYI. I've added that IP to the "deny" list in Trinity's web server.
Patrick |
|
Back to top |
|
|
|