List of Known Hackers

[DaKine]

Ok today i went to crackspider.com to get a crack for MIRC and my system just got messed up so i ran adaware se and stuff restarted after a bit my games kept crashing so i reinstalled the games then! i get a black screen with someone that Mesages me with the name Trinity and my name as Neo.. so i shut down my machine and again i got another message.. so i hooked up my router. i am curious on what i can do about this or what this Program is? or how i can get the persons ip or if he could of got any information on my machine. as i have alot of crap on notepad

[OPENSTEP]

That's not coming from this machine but from someone else. We're not hackers, rather only their targets, like everyone else. It just sounds like you need to disable the Messenger service. You may want to get XP SP2...or get a Mac

ed

[ss0]

If you are constantly having brute force attempts, I would recomend the use of the knockd daemon. It gives you the ability to not have port 22 (or any other port) which answers ssh available.

[OPENSTEP]

Thanks for the recommendation on knockd. I had heard such a port knocking thing was in development but hadn't realized it'd gotten to a point where it was robust!

While there are still a somewhat frequent number of attempted brute force attacks, they're just troublesome in the sense that they take up bandwidth that could be used for other purposes. The main trinity server is now on private/public key authentication only, so although sshd is still responding to those requests they're really just pesky DoSes and not anything that could ever break through. Perhaps if I throw knockd in as well I wouldn't have to worry about even responding to them

ed

[anube]

I knew I wasn't alone, but I didn't know how bad it really was. I just recently added my dev server to the DMZ and I'm already listing scores of brute force attemps to get into my system. One of the same things that make the internet great is what makes it such a dangerous place -- anonymity. Can you imagine these same people walking down every neighborhood checking each door to see if it's unlocked?

I'm just glad I'm not running a windows server. It's a little unneverving that there are scores of idiots randomly scanning for would be hosts for the next great internet attack.

I just recently stumbled upon snort.org that is claiming to be the de-facto standard and am planning on giving it a try. Good like with your site!

[Wicked]

I was following this forum and I too am having these problems. In fact my website was defaced today. Thankfully they did not toy with anything else. Just to be safe however I restored everything. It sounds like you are doing a decent job at combatting these hackers. I would be interested in learning as far as what disable password login is and such so I can protect my own site more effienciently. As well I am beginning a phpbb module to update user boards with known hacker ips to help prevent access to their boards. This is how I found this site through a google search of hacker ips. I hope to help others by collecting thousands of ips if that is what it takes and have them installed on everyones phpbb. If you do not want to share any of this info on the board please feel free to pm me or email me with the email i signed up with. Thanks

P.S. I would also be interested in hearing what exactly ssh accomplishes in your root directory. Sorry for my newb questions but Im trying to learn..

Fighting for the greater good..

Jason

[ovvldc]

I just deleted an advertising message by a guest originating from IP 66.56.200.74.

(and for got where the spam reporting thread was, so added it here)

Best wishes,
Oscar

[Samwise]

For future reference :

Forum spam

[ovvldc]

Thanks. Sunday morning fogginess kicking in there..

-Oz

[pluby]