Welcome to NeoOffice developer notes and announcements
NeoOffice
Developer notes and announcements
 
 

This website is an archive and is no longer active
NeoOffice announcements have moved to the NeoOffice News website


Support
· Forums
· NeoOffice Support
· NeoWiki


Announcements
· Twitter @NeoOffice


Downloads
· Download NeoOffice


  
NeoOffice :: View topic - List of Known Hackers
List of Known Hackers
 
   NeoOffice Forum Index -> Server Outages
View previous topic :: View next topic  
Author Message
OPENSTEP
The One
The One


Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA

PostPosted: Thu Nov 11, 2004 10:32 pm    Post subject: List of Known Hackers

OK, so it seems people trying to hack trinity are the norm, not the exception. Instead of making a new topic for each hacker's IP I find I figure I might as well make a single one that I just update as time goes by.

As to exactly why jackasses would hack servers of a project that is purely volunteer, has no corporate affiliations, and offers no monetary gain for its contributors, no credit card numbers, and no bandwidth with which to launch further attacks is utterly beyond me.

The douchebags in this thread have about as much morals as someone who steals a bag of rice from a starving Ethiopian and thinks they're the shit. And if the thought of that that gets you hard, seriously, get a fucking life (or some lezbo porn).

I don't have the time to track these fucks or the ability to pay money to pay my lawyer to file endless john doe lawsuits in CA court. I figure I'll just post these IPs and hope some unscrupulous shadowy saviour who appreciates open source will fight the good fight and unleash the Four Horsemen upon these asshats.

Here's the list of known hacker IPs as of today:

206.67.56.201 (a particularly persistent hacker)
222.106.62.141
218.21.129.105

And that's only since the new trinity server has been online. So NeoOffice users beware...there are at least 3 hackers out there on the take that want to force you to pay and use Microsoft Office. I suspect there will be more.

ed
Back to top
OPENSTEP
The One
The One


Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA

PostPosted: Tue Nov 16, 2004 11:48 pm    Post subject:

More hacker IPs:

217.160.187.73 (really flooded trying to get access for hours)
218.8.127.193

ed
Back to top
OPENSTEP
The One
The One


Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA

PostPosted: Thu Nov 18, 2004 10:33 am    Post subject:

From this morning

211.220.193.115

ed
Back to top
OPENSTEP
The One
The One


Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA

PostPosted: Mon Nov 22, 2004 10:04 am    Post subject:

Some more IPs for you. It seems trinity is becoming a popular target...over 200 attempts in the last two days, most from the first IP.

203.248.138.131
220.76.0.249
211.233.5.76

ed
Back to top
OPENSTEP
The One
The One


Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA

PostPosted: Wed Dec 01, 2004 10:31 pm    Post subject:

Some more IPs from the depths:

211.196.157.45
220.70.167.67

Seems to have calmed down slightly in the last few days. Perhaps the hackers are realizing password login is disabled... Wink

ed
Back to top
OPENSTEP
The One
The One


Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA

PostPosted: Mon Dec 06, 2004 11:03 pm    Post subject:

Some more IPs to keep you warm:

211.94.229.29
216.232.51.94

ed
Back to top
Waldo
Oracle


Joined: Dec 03, 2004
Posts: 239

PostPosted: Tue Dec 07, 2004 1:16 am    Post subject:

ed, have you considered putting in one of the protection systems (fortress, protector, sentinel, etc.) that they got over at nukecops.com -- some of them will auto-ban IPs that give you trouble. Also, make sure to keep phpnuke up to date. I suspect a lot of the hack attempts are automated-- someone probably wrote a script to google for php-nuke with known vulnerabilities and then try a few known methods to gain access...

This is a good thread for php-nuke security--

http://www.nukecops.com/forum25.html

W

OPENSTEP wrote:
Some more IPs to keep you warm:

211.94.229.29
216.232.51.94

ed
Back to top
OPENSTEP
The One
The One


Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA

PostPosted: Tue Dec 07, 2004 9:14 pm    Post subject:

Most of these aren't nuke hackers...those I just ban. These are people trying to get into the OpenBSD box itself through ssh vulns, trying to workaround security realms, etc. They're not trying to hack the forums, they're literally trying to hack into the CVS servers, the mail server, etc. IPs are from security logs and firewall logs.

ed
Back to top
Waldo
Oracle


Joined: Dec 03, 2004
Posts: 239

PostPosted: Wed Dec 08, 2004 1:39 am    Post subject:

OPENSTEP wrote:
Most of these aren't nuke hackers...those I just ban. These are people trying to get into the OpenBSD box itself through ssh vulns, trying to workaround security realms, etc. They're not trying to hack the forums, they're literally trying to hack into the CVS servers, the mail server, etc. IPs are from security logs and firewall logs.

ed


But... it's frickin' OPEN-"Only one remote hole in the default install, in more than 8 years!"-bsd!! What are they thinkin'!!!

Smile
W
Back to top
OPENSTEP
The One
The One


Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA

PostPosted: Fri Dec 17, 2004 11:47 pm    Post subject:

I too don't understand why people seem to like trying to hack "open" systems. True, even though the default config doesn't have holes, you still gotta install other stuff to make that box useful. And even if you get in it's not like trinity can crack the codes to launch the missiles Wink

All said, there are still folks who like to try, like this guy:

151.8.77.133

Sometimes I wonder why people think I enable ssh access for root Very Happy

ed
Back to top
OPENSTEP
The One
The One


Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA

PostPosted: Sun Dec 19, 2004 2:27 pm    Post subject: More hacker IPs

I still wonder why people think this is fun. espeically people like those at:

200.23.34.31

and

202.65.202.2

who apparently was using some type of password hacking toolkit for ssh that started running through first names even though password login is disabled on the server. And SSH even reports back on failed login attempts just what types of authentication are allowed. Sad.

ed
Back to top
ovvldc
Captain Naiobi


Joined: Sep 13, 2004
Posts: 2352
Location: Zürich, CH

PostPosted: Sun Dec 19, 2004 2:56 pm    Post subject: Re: More hacker IPs

OPENSTEP wrote:
who apparently was using some type of password hacking toolkit for ssh that started running through first names even though password login is disabled on the server. And SSH even reports back on failed login attempts just what types of authentication are allowed. Sad.


<Sigh> Script kiddies. Where is the artistry? Sic transit gloria mundi...

Anyway, maybe the next news item on Trinity shouldn't be the beta release of NeoOffice, but rather the fact that password login is disabled...

Just to spread the word to the terminally deaf and such..
Back to top
OPENSTEP
The One
The One


Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA

PostPosted: Sun Dec 19, 2004 3:38 pm    Post subject:

It sucks because although they don't get in it still uses up bandwidth, especially when someone is trying to break passwords thousands of times when they couldn't even get in even if they had a *valid* password for the box. Even I can't get in with my own password...sucks if I ever lose my key tho Wink

ed
Back to top
OPENSTEP
The One
The One


Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA

PostPosted: Tue Dec 21, 2004 7:30 pm    Post subject: Another IP for your pinging pleasure...

24.91.220.31

ed
Back to top
OPENSTEP
The One
The One


Joined: May 25, 2003
Posts: 4752
Location: Santa Barbara, CA

PostPosted: Wed Jan 26, 2005 8:39 pm    Post subject: More IPs

64.5.44.229 (seems to be another script trying random usernames and dictionary passwords)
211.35.128.34 (more of the same)
218.149.77.66

Some of these people are banging with hundreds of login attempts so if the server seems slow, please blame them Wink

ed
Back to top
Display posts from previous:   
   NeoOffice Forum Index -> Server Outages All times are GMT - 7 Hours
Goto page 1, 2  Next
Page 1 of 2

 
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum

Powered by phpBB © 2001, 2005 phpBB Group

All logos and trademarks in this site are property of their respective owner. The comments are property of their posters, all the rest © Planamesa Inc.
NeoOffice is a registered trademark of Planamesa Inc. and may not be used without permission.
PHP-Nuke Copyright © 2005 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.