[arm-allstar] Does this look like someone is brute force attacking my node?
Don Backstrom - AA7AU
z-armallstar at deliberate.net
Tue Feb 25 13:16:12 EST 2020
On Tue 25-Feb-20 06:52, "kd6gdb--- via ARM-allstar" wrote:
> Most of em are automated attacks from china.
As the admin for a number of publicly viewable [mostly low-volume]
websites, I see lots and lots and lots of bot attacks, of all sorts,
from IP addresses from all over the world, including from the good-old USA.
For most sites, I am able to block by underlying generally accurate
country code for the IP range, but that doesn't stop the US-based
attacks (whom I cannot block in toto). Many of those are from Amazon,
GoDaddy, etc type hosting accounts and I suspect most of those accounts
are throw-away. Many of the rest from the US seem to be from residential
networks.
It's anyone guess who is behind any one one of these bot networks, but
I can tell exactly where the fault lies ... those gentle innocent folks
who have NOT properly protected* their home/small-biz computers/accounts
- which then became infected by the bad guys and are now the hidden
fortresses for those bot networks.
<opinion> *BTW: properly protected does NOT mean simply paying someone
else for a glossy "Anti-whatever" package and understanding nothing
about it. It also, in my mind at least, means NOT running Windows10
unless you understand it and have fully secured it. M$ is a big part of
the problem, certainly not the solution. </opinion>
If it's convenient, you're at risk (as well as everyone else)!
We have met the enemy and he is us! (Pogo Papers, c. 1953)
Just another perspective,
- Don - AA7AU
More information about the ARM-allstar
mailing list