Chinese Hackers Targeting NYPD Computers 212
Mike writes "A network of hackers, most based in China, have been making up to 70,000 attempts a day to break into the NYPD's computer system, the city's Commissioner, Raymond Kelly, revealed Wednesday. Kelly suggested that 'perhaps it is because of the NYPD's reach into the international arena' that they are being targeted for computer hacking 'in much the way the Pentagon has been.' The hackers are apparently using a botnet to make up to 5,000 attempts a day at various unsecured portals into the NYPD's files. China's foreign ministry spokesman Qin Gang denied involvement in computer espionage. 'Some people outside of China are bent on fabricating lies of so-called Chinese computer spies,' he said last month. The obvious question is, why are the Chinese so interested in the NYPD computer network?"
I just block most countries (Score:5, Informative)
They should do what I, and others do. Just block all traffic from certain countries.
With most of my sites, I'm not interested in international traffic and all I get is spammers and content scrapers. I cam across this tip on blocking spammers and scrapers using IPFilter on Solaris [howtonotma...online.com] and just update my ipf.conf file from time to time if I notice anything strange coming in, which I check from time to time. I also grab lists of ip ranges to add as well.
While it bothers me a bit to limit access to sites in principle, I really don't get any benefit from international traffic that outweighs the nuisance of the few that ruin it for everyone else.
Re:Track an IP? (Score:1, Informative)
I thought that was a direct quote from CSI....
Re:Track an IP? (Score:3, Informative)
Re:That's so cute! (Score:4, Informative)
I must be special, too, because I log tons of probes. Hundreds, sometimes thousands a day.
That was my first thought, too. I got so sick of looking at the log entries for my faux SSH daemon (on port 22) that I quit logging it. Sure, it's fun for a while, 'till you realize that you aren't frustrating anybody, just occupying 0.02% of cpu time on a hacked bot.
Hundreds/thousands of "hack attempts" per day when you include obvious overrun attempts (8k of "xxxxx" in the apache logs) attempts at accessing Windows sharing (connections to ports 137-139) dictionary hacks on port 22, (none of my stuff allows passwords anyway, and don't work on port 22) and so on.
Yawn. Welcome to the wild, wooly Intarnets!
what about that other trapped in a computer movie? (Score:2, Informative)
The Thirteenth Floor.
Here's an experiment Hollywood does every year:
make the same movie twice, then see which version the public loves.
It came out at the same time as the Matrix, but was a lot more interesting, but with fewer really awesome fights.
network of hackers? (Score:2, Informative)
bots brute forcing logins != hackers