Science Fiction and Fantasy Community Forums
September 14, 2013 Server Downtime = Chinese hackers - Printable Version

+- Science Fiction and Fantasy Community Forums (https://forums.sf-fandom.com)
+-- Forum: SF-Fandom and Xenite.Org Network (https://forums.sf-fandom.com/forum-42.html)
+--- Forum: Forum Feedback and Issues (https://forums.sf-fandom.com/forum-29.html)
+--- Thread: September 14, 2013 Server Downtime = Chinese hackers (/thread-32537.html)



September 14, 2013 Server Downtime = Chinese hackers - BoardAdmin - September 14th, 2013

We apologize for the downtime today. I was enjoying a weekend outing with limited access to the server and someone in China decided today would be the day they unleash a new attack against us.

I have blocked the hostile IP address and will continue to monitor.


September 14, 2013 Server Downtime = Chinese hackers - Nightspore - September 25th, 2013

There seemed to be some downtime on Tuesday the 24th around midnight (British Summer Time) as well. I checked Down for everyone? & apparently I wasn't the only one.


September 14, 2013 Server Downtime = Chinese hackers - Michael - October 6th, 2013

I'm now pretty sure most of our issues have been due to brute force attacks on the blogs. The occasional attacks on server admin services can be brutal but apparently not as taxing.


September 14, 2013 Server Downtime = Chinese hackers - Nightspore - October 6th, 2013

I wonder what these hackers are trying to achieve? I suppose could be spammers, some forums suffer terribly from them.


September 14, 2013 Server Downtime = Chinese hackers - Michael - October 21st, 2013

Nightspore Wrote:I wonder what these hackers are trying to achieve? I suppose could be spammers, some forums suffer terribly from them.

Sorry for taking so long to get back to you. It's different (groups of) people trying to achieve different things.

The people trying to break into the server itself (attacking the email, FTP, and telnet services) may be looking for information to steal and exploit (perhaps sell to the highest bidder). This crowd may cater to the international intelligence community but perhaps are only interested in looking for personal financial info that can be used for fraud: credit card data, bank account data, passwords, etc. There is darned little to be had here but they don't know that.

Some email spammers also try to hack servers in the hope that they can find vulnerabilities to exploit so they can relay email through those servers.

The people who run software to create forum profiles are trying to build links for Websites because they believe that search engines will treat those as "votes" for their Websites. Sometimes that works for a while.

The people who run software to leave comments on the blogs are doing much the same thing.

And then there are the hackers who just "count coup" on Websites. They deface them, plant messages on them, and then submit those hacked sites to special reporting sites that track the hackers' activity. Criminals and intelligence agencies sometimes recruit those people to work for them.

Finally, there are the automated hacking botnets that try to add more computers to their collectives. These botnets are controlled by people who either use them to launch attacks on important Websites or they rent out their services to the highest bidder. Many botnet customers use the compromised machines for link dropping, crawling Websites, and creating fake traffic to YouTube and other popular services.


September 14, 2013 Server Downtime = Chinese hackers - Nightspore - October 21st, 2013

Michael Wrote:Sorry for taking so long to get back to you. It's different (groups of) people trying to achieve different things.

The people trying to break into the server itself (attacking the email, FTP, and telnet services) may be looking for information to steal and exploit (perhaps sell to the highest bidder). This crowd may cater to the international intelligence community but perhaps are only interested in looking for personal financial info that can be used for fraud: credit card data, bank account data, passwords, etc. There is darned little to be had here but they don't know that.

Some email spammers also try to hack servers in the hope that they can find vulnerabilities to exploit so they can relay email through those servers.

The people who run software to create forum profiles are trying to build links for Websites because they believe that search engines will treat those as "votes" for their Websites. Sometimes that works for a while.

The people who run software to leave comments on the blogs are doing much the same thing.

And then there are the hackers who just "count coup" on Websites. They deface them, plant messages on them, and then submit those hacked sites to special reporting sites that track the hackers' activity. Criminals and intelligence agencies sometimes recruit those people to work for them.

Finally, there are the automated hacking botnets that try to add more computers to their collectives. These botnets are controlled by people who either use them to launch attacks on important Websites or they rent out their services to the highest bidder. Many botnet customers use the compromised machines for link dropping, crawling Websites, and creating fake traffic to YouTube and other popular services.

OK thanks. I've heard about botnets & the like. It's a jungle out there in cyberspace!