| View previous topic :: View next topic |
| Author |
Message |
OPENSTEP
The One
Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA
|
 Posted: Thu Nov 11, 2004 10:32 pm Post subject: List of Known Hackers |
|
OK, so it seems people trying to hack trinity are the norm, not the exception. Instead of making a new topic for each hacker's IP I find I figure I might as well make a single one that I just update as time goes by.
As to exactly why jackasses would hack servers of a project that is purely volunteer, has no corporate affiliations, and offers no monetary gain for its contributors, no credit card numbers, and no bandwidth with which to launch further attacks is utterly beyond me.
The douchebags in this thread have about as much morals as someone who steals a bag of rice from a starving Ethiopian and thinks they're the shit. And if the thought of that that gets you hard, seriously, get a fucking life (or some lezbo porn).
I don't have the time to track these fucks or the ability to pay money to pay my lawyer to file endless john doe lawsuits in CA court. I figure I'll just post these IPs and hope some unscrupulous shadowy saviour who appreciates open source will fight the good fight and unleash the Four Horsemen upon these asshats.
Here's the list of known hacker IPs as of today:
206.67.56.201 (a particularly persistent hacker)
222.106.62.141
218.21.129.105
And that's only since the new trinity server has been online. So NeoOffice users beware...there are at least 3 hackers out there on the take that want to force you to pay and use Microsoft Office. I suspect there will be more.
ed |
|
| Back to top |
|
 |
OPENSTEP
The One
Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA
|
| Posted: Tue Nov 16, 2004 11:48 pm Post subject: |
|
More hacker IPs:
217.160.187.73 (really flooded trying to get access for hours)
218.8.127.193
ed |
|
| Back to top |
|
|
OPENSTEP
The One
Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA
|
| Posted: Thu Nov 18, 2004 10:33 am Post subject: |
|
From this morning
211.220.193.115
ed |
|
| Back to top |
|
|
OPENSTEP
The One
Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA
|
| Posted: Mon Nov 22, 2004 10:04 am Post subject: |
|
Some more IPs for you. It seems trinity is becoming a popular target...over 200 attempts in the last two days, most from the first IP.
203.248.138.131
220.76.0.249
211.233.5.76
ed |
|
| Back to top |
|
|
OPENSTEP
The One
Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA
|
| Posted: Wed Dec 01, 2004 10:31 pm Post subject: |
|
Some more IPs from the depths:
211.196.157.45
220.70.167.67
Seems to have calmed down slightly in the last few days. Perhaps the hackers are realizing password login is disabled... 
ed |
|
| Back to top |
|
|
OPENSTEP
The One
Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA
|
| Posted: Mon Dec 06, 2004 11:03 pm Post subject: |
|
Some more IPs to keep you warm:
211.94.229.29
216.232.51.94
ed |
|
| Back to top |
|
|
Waldo
Oracle
Joined: Dec 03, 2004
Posts: 239
|
| Posted: Tue Dec 07, 2004 1:16 am Post subject: |
|
ed, have you considered putting in one of the protection systems (fortress, protector, sentinel, etc.) that they got over at nukecops.com -- some of them will auto-ban IPs that give you trouble. Also, make sure to keep phpnuke up to date. I suspect a lot of the hack attempts are automated-- someone probably wrote a script to google for php-nuke with known vulnerabilities and then try a few known methods to gain access...
This is a good thread for php-nuke security--
http://www.nukecops.com/forum25.html
W
| OPENSTEP wrote: | Some more IPs to keep you warm:
211.94.229.29
216.232.51.94
ed |
|
|
| Back to top |
|
|
OPENSTEP
The One
Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA
|
| Posted: Tue Dec 07, 2004 9:14 pm Post subject: |
|
Most of these aren't nuke hackers...those I just ban. These are people trying to get into the OpenBSD box itself through ssh vulns, trying to workaround security realms, etc. They're not trying to hack the forums, they're literally trying to hack into the CVS servers, the mail server, etc. IPs are from security logs and firewall logs.
ed |
|
| Back to top |
|
|
Waldo
Oracle
Joined: Dec 03, 2004
Posts: 239
|
| Posted: Wed Dec 08, 2004 1:39 am Post subject: |
|
| OPENSTEP wrote: | Most of these aren't nuke hackers...those I just ban. These are people trying to get into the OpenBSD box itself through ssh vulns, trying to workaround security realms, etc. They're not trying to hack the forums, they're literally trying to hack into the CVS servers, the mail server, etc. IPs are from security logs and firewall logs.
ed |
But... it's frickin' OPEN-"Only one remote hole in the default install, in more than 8 years!"-bsd!! What are they thinkin'!!!
W |
|
| Back to top |
|
|
OPENSTEP
The One
Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA
|
| Posted: Fri Dec 17, 2004 11:47 pm Post subject: |
|
I too don't understand why people seem to like trying to hack "open" systems. True, even though the default config doesn't have holes, you still gotta install other stuff to make that box useful. And even if you get in it's not like trinity can crack the codes to launch the missiles
All said, there are still folks who like to try, like this guy:
151.8.77.133
Sometimes I wonder why people think I enable ssh access for root 
ed |
|
| Back to top |
|
|
OPENSTEP
The One
Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA
|
| Posted: Sun Dec 19, 2004 2:27 pm Post subject: More hacker IPs |
|
I still wonder why people think this is fun. espeically people like those at:
200.23.34.31
and
202.65.202.2
who apparently was using some type of password hacking toolkit for ssh that started running through first names even though password login is disabled on the server. And SSH even reports back on failed login attempts just what types of authentication are allowed. Sad.
ed |
|
| Back to top |
|
|
ovvldc
Captain Naiobi
Joined: Sep 13, 2004
Posts: 2352
Location: Zürich, CH
|
| Posted: Sun Dec 19, 2004 2:56 pm Post subject: Re: More hacker IPs |
|
| OPENSTEP wrote: | | who apparently was using some type of password hacking toolkit for ssh that started running through first names even though password login is disabled on the server. And SSH even reports back on failed login attempts just what types of authentication are allowed. Sad. |
<Sigh> Script kiddies. Where is the artistry? Sic transit gloria mundi...
Anyway, maybe the next news item on Trinity shouldn't be the beta release of NeoOffice, but rather the fact that password login is disabled...
Just to spread the word to the terminally deaf and such.. |
|
| Back to top |
|
|
OPENSTEP
The One
Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA
|
| Posted: Sun Dec 19, 2004 3:38 pm Post subject: |
|
It sucks because although they don't get in it still uses up bandwidth, especially when someone is trying to break passwords thousands of times when they couldn't even get in even if they had a *valid* password for the box. Even I can't get in with my own password...sucks if I ever lose my key tho
ed |
|
| Back to top |
|
|
OPENSTEP
The One
Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA
|
| Posted: Tue Dec 21, 2004 7:30 pm Post subject: Another IP for your pinging pleasure... |
|
24.91.220.31
ed |
|
| Back to top |
|
|
OPENSTEP
The One
Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA
|
| Posted: Wed Jan 26, 2005 8:39 pm Post subject: More IPs |
|
64.5.44.229 (seems to be another script trying random usernames and dictionary passwords)
211.35.128.34 (more of the same)
218.149.77.66
Some of these people are banging with hundreds of login attempts so if the server seems slow, please blame them
ed |
|
| Back to top |
|
|
|
