Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

Bruteforce attempt
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Bruteforce attempt

HalfEatenPieHalfEatenPie Veteran
edited June 2012 in General

So we all get bruteforce attempts.

But I found it pretty funny that they tried all these names on my POP3 port (before getting blocked).

mail
manager
terminal
temp
user
users
welcome
michael
cvs
redbull

I'm assuming they just randomly pick names off a list they made but seriously. Redbull?

Anyways I'm not named Michael, but I can see they try all the popular names.

Comments

  • luis123456luis123456 Member

    Too bad I don't see root in that list :D

    Thanked by 1klikli
  • jarjar Patron Provider, Top Host, Veteran

    You too? I thought they knew about my red bull addiction...

  • HalfEatenPieHalfEatenPie Veteran

    @jarland its a conspiracy!

    insert dramatic music here

    Thanked by 2jar klikli
  • yomeroyomero Member

    Dramatic hamster meme

  • netomxnetomx Moderator, Veteran

    @yomero said: Dramatic hamster

    you're old

  • jarjar Patron Provider, Top Host, Veteran

    Now I get root attempts originating within limestone networks. Seems like a less reputable provider would have been the better choice for the IP I see in my logs, but alright.

    Filing abuse reports is quite a large part of my week...

  • TaylorTaylor Member

    Is it worth filling reports for such things?

  • jarjar Patron Provider, Top Host, Veteran
    edited June 2012

    When it comes from a reputable ISP I will file it, not really much direct benefit to me. It could be an infected computer or a client with malicious intent, and if they were my client I'd want to know. A courtesy if nothing else.

    Thanked by 1HalfEatenPie
  • HC_RoHC_Ro Member
    edited June 2012

    @jarland said: Now I get root attempts originating within limestone networks.

    I feel like I have seen a few recent complaints about this with lsn

    http://www.webhostingtalk.com/archive/index.php/t-1159070.html

  • MaouniqueMaounique Host Rep, Veteran

    Bah, that happens to me every day, but usually is SSH because I insist on keeping it on port 22 :P
    Other targets are the usual mail relay on 25 (naming your server mail.yourdomain.tld does not help, I know :P) as well as various mysql, webpanels and even VNC ports. What is absent lately is the attempt to connect to popular proxy ports, such as 3128, 8080, 8081, 81, etc. That used to be a major target a few years ago.
    Since that is happening all the time I dont bother looking for the source.

  • yomeroyomero Member

    @netomx said: you're old

    Not more than you... hahaha!

  • HalfEatenPieHalfEatenPie Veteran

    @jarland yeah I do that most of the time out of courtesy, but there was this one time where the response e-mail was someone trying to sell me something.

    the frack?

  • klikliklikli Member

    @HalfEatenPie said: insert dramatic music here

    You should use <audio> instead.

  • HalfEatenPieHalfEatenPie Veteran
    edited June 2012

    @klikli < audio src=' onClick='audio-only'>

  • netomxnetomx Moderator, Veteran

    @yomero said: Not more than you... hahaha!

    I'm like the wine kiddo =P

Sign In or Register to comment.