Comments on: Who’s Knocking On My Disk Drive? http://nklein.com/2009/05/whos-knocking-on-my-disk-drive/ software development and consulting Sun, 20 May 2012 18:07:58 +0000 hourly 1 http://wordpress.org/?v=3.3.2 By: pat http://nklein.com/2009/05/whos-knocking-on-my-disk-drive/comment-page-1/#comment-75 pat Fri, 29 May 2009 22:25:24 +0000 http://nklein.com/?p=457#comment-75 There were 4,402 attempts from that IP address over the course of 12 hours. So, I guess that's only an average of about one every 10 seconds. At around 5pm Central it was every two seconds. I have a lame firewall at the moment. My choices were either to shut off port forwarding altogether or block it at the machine level. The machine mostly sits there as my home name server and home git hub. It is not overly taxed. My previous firewall was lame in a totally different way. I couldn't forward port 22 to port 22 on one machine and port 2222 to port 22 on a different machine. Feh. There were 4,402 attempts from that IP address over the course of 12 hours. So, I guess that’s only an average of about one every 10 seconds. At around 5pm Central it was every two seconds.

I have a lame firewall at the moment. My choices were either to shut off port forwarding altogether or block it at the machine level. The machine mostly sits there as my home name server and home git hub. It is not overly taxed.

My previous firewall was lame in a totally different way. I couldn’t forward port 22 to port 22 on one machine and port 2222 to port 22 on a different machine. Feh.

]]> By: Shanzer http://nklein.com/2009/05/whos-knocking-on-my-disk-drive/comment-page-1/#comment-74 Shanzer Fri, 29 May 2009 20:31:56 +0000 http://nklein.com/?p=457#comment-74 That just shows your lack of commitment. :-) I used to do a non-intrusive port scan just to see what I was dealing with, and to see if I could get any more useful information. I have been on the other side of that. I have gotten irate phone calls from people telling me to stop spamming or hacking their site, because the see the name "foobar.com" somewhere in the data. So I end up doing a little bit more to prove to them that it is not me. Since I do not manage the machine that is foobar.com anymore I am blissfully unaware of all the attacks it is subjected to these days. How many attempts were done in that 12 hours? I usually kill those at a firewall level, just to lessen the burden. That just shows your lack of commitment. :-)

I used to do a non-intrusive port scan just to see what I was dealing with, and to see if I could get any more useful information.

I have been on the other side of that. I have gotten irate phone calls from people telling me to stop spamming or hacking their site, because the see the name “foobar.com” somewhere in the data. So I end up doing a little bit more to prove to them that it is not me. Since I do not manage the machine that is foobar.com anymore I am blissfully unaware of all the attacks it is subjected to these days.

How many attempts were done in that 12 hours? I usually kill those at a firewall level, just to lessen the burden.

]]> By: pat http://nklein.com/2009/05/whos-knocking-on-my-disk-drive/comment-page-1/#comment-72 pat Fri, 29 May 2009 15:30:43 +0000 http://nklein.com/?p=457#comment-72 Well, I did the <q>WHOIS</q>-thing and emailed the abuse contact at his ISP. But, I didn't don an adult diaper, drive to Atlanta, and start following packets around. Well, I did the WHOIS-thing and emailed the abuse contact at his ISP. But, I didn’t don an adult diaper, drive to Atlanta, and start following packets around.

]]> By: Shanzer http://nklein.com/2009/05/whos-knocking-on-my-disk-drive/comment-page-1/#comment-71 Shanzer Fri, 29 May 2009 15:08:16 +0000 http://nklein.com/?p=457#comment-71 You are nicer then I am. When that happens to me, I hunt the bastards down. :-) You are nicer then I am. When that happens to me, I hunt the bastards down. :-)

]]>