I just a little curious if I'm the only one here, but I feel like i'm not. My web server for me and my friends seems to get tons of port scans and login attacks from china. I literally mean that about 70% of my attacks are from there. They particularly try to brute force my ssh server. Every now and they my router drops a smurf attacks and DoS attacks. I find it extremely annoying. I see there IPs all over the place in my authorization log. I mean they have never gotten in or done anything successful but I find it really disheartening that they are try to hack me. This is they only thing about administrating my stuff that I don't like, but also find it to be a little bit fun . I'm glad that they can't get in though, lol. Now my other question is when do these attacks be come a cybercrime? Right now in my book i find it to be harassment, even from the US quote on quote hackers. So when can I draw the line? Is there a site to report server harassment? I know of cybercrime.gov, but I never had the balls to actually report them. But has anyone here ever done so? Besides iptables block what else can be done. Oh I also installed fail2ban, however for some strange reason it is not working, so will have to fix it. Right now I'm switching to a ispconfig server woot!! Also to all remember to not use sudo and make sure that remote root logins are disabled!! You would not believe how many login attempts I have for the root account, lol
Yes I dont think you are the only one. China machines always trying to take a peek in my servers also.
Recently revision3 (digg) also got attacked due to DDOS http://www.downloadsquad.com/2008/0...-traced-to-anti-piracy-company-mediadefender/ Very interesting story
i changed my port number to some high number i also had the same annoying buggers trying to get in. Now its nice and calm.
