anybody else running a personal web server, and seem to be getting hits from Russia?
~Travis
Website hosted at Go Daddy. The Russian bots are convinced there is a WordPress site there. They also probe for database backups, administrator links, and a list of known vulnerabilities.
France, Germany, Slovakia, India, and China are also countries of note.
The one that really incensed me was a class-A router in Afghanistan that was under the control of the U.S. military. Our tax dollars hard at work pouring a massive endless stream of spam onto the internet.
Lately BingBot has been behaving badly as well. I reported the issue. It stopped for a few months. It's back. Oh, Microsoft. Will you ever get your act together.
A former coworker of mine; an experienced networking engineer, discovered that his personally-run website was being used (by who-knows who) as a fileserver for porn and pirated stuff (and pirated porn, IIRC.) It wasn't "hacked and damaged", it was "hacked and exploited in non-obvious ways."
Boris Johnson has threatened cyber-retaliation by the UK so the Russian attacks should stop soon.
...R
It is probably just bots.....
travis_farmer:
....looks like somebody is creating accounts, and letting them sit for some reason...
There are two reasons...
-
Broken spambot. The bot is functional enough to create the account but is not functional enough to post.
-
Delayed spambot. Posting is delayed either to fool you and/or because the bot does not yet have a use for the account.
reCAPTCHA works well to eliminate both.
travis_farmer:
anybody else running a personal web server, and seem to be getting hits from Russia?~Travis
Your president has under the table connections to the Russians, maybe he authorized this.
westfw:
... It wasn't "hacked and damaged", it was "hacked and exploited in non-obvious ways."
I had a private mail server that was hijacked to send out spam once. Something I read about recently was video decoders with hidden bitcoin mining code included. I don't know if this has really been happening but it sounds plausible. You can imagine a whole range of applications that could steal processor time to mine bitcoins on-the-fly.
The day Micro$loth makes a product that doesn't suck is the day they make vacuum cleaners.
ardly:
I had a private mail server that was hijacked to send out spam once.
Keeping a mail server secure is a never ending job. Forum servers are often targeted as they have an SMTP (mail relay) embedded in the PHP. Create a couple 1000 zombie accounts over a period of months. Maybe even pay a few people in the 3rd World to defeat captcha's on failed registrations. Exploit the mail sending PHP pages directly. You have yourself a resource e-marketing companies will pay for.
Something I read about recently was video decoders with hidden bitcoin mining code included. I don't know if this has really been happening but it sounds plausible. You can imagine a whole range of applications that could steal processor time to mine bitcoins on-the-fly.
Bit-Coin mining codecs are real. If you ever come across a site distributing pirated or pr0n movies, which can only be watched using their proprietary codec, you got to wonder whether the content is as 'free' as the site claims. Pirated software, screen savers and games are potential vehicles too.
I've had to clean a bitcoin mining worm off a couple servers for customers. The obvious symptom was an idle server with fans at full tilt, in an air conditioned comms room.
msssltd:
....
I've had to clean a bitcoin mining worm off a couple servers for customers. The obvious symptom was an idle server with fans at full tilt, in an air conditioned comms room.
I have donated a some computer time to BOINC based projects. I supposed it was only a matter of time before the technology turned to the dark side. It goes against the grain to have time stolen, particularly if it uses power.
With the IoT I suppose there are a lot of bored fridges, washing machines & TVs out there that could be spending their time looking for prime numbers or signals from aliens.
People are still better than computers for some things though. I spent a bit of my own time looking at camera trap photos trying to identify types and numbers of animals and what they were doing. Of course I help Google to train their AI for free when I click Captcha images.
Serious servers shouldn't allow free accounts on a fast and easy basis?
Oh... wait... you're not supposed to have to deal with all that time lost, the money's supposed to just roll in!
One thing I have found many times is that "supposed to" generally leads to disappointment at the least.