SOH and Daily Hackers

[Ickie]

Every day I have to block 25-50 hackers and Countries
here is the list I am starting, this just isn't right and some are the countries own hackers.
Maybe I will shame them into stopping, below is the first
==========================================

Time: Thu May 21 19:09:34 2015 -0400
IP: 200.161.210.250 (BR/Brazil/200-161-210-250.dsl.telesp.net.br)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
================================================
Time: Thu May 21 19:48:58 2015 -0400
IP: 66.150.8.85 (US/United States/performance-measurement-6461-1.sef.pnap.net)
Hits: 11
Blocked: Permanent Block
==========================================

 

[Allen]

Peps have no life... Why do they do this to us?

 

[Ickie]

They do this is because they can and no one is willing to stop them or even dare to.
In most cases it is the governments doing this.

If you see your country, complain to them and show them what I dare to post.

=========================================
Time: Thu May 21 20:28:57 2015 -0400
IP: 139.194.72.99 (ID/Indonesia/fm-dyn-139-194-72-99.fast.net.id)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
=====================
Time: Thu May 21 21:25:31 2015 -0400
IP: 49.151.64.99 (PH/Philippines/dsl.49.151.64.99.pldt.net)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
====================================
Time: Thu May 21 22:53:53 2015 -0400
IP: 83.220.114.72 (PL/Poland/83.220.114.72.umts.static.t-mobile.pl)
Hits: 11
Blocked: Permanent Block
===============================
Time: Fri May 22 03:41:19 2015 -0400
IP: 58.251.146.163 (CN/China/reverse.gdsz.cncnet.net)
Failures: 10 (ftpd)
Interval: 300 seconds
Blocked: Yes
=========================
Time: Fri May 22 03:50:11 2015 -0400
IP: 91.214.168.75 (CH/Switzerland/yoda.vserver.softronics.ch)
Failures: 10 (ftpd)
Interval: 300 seconds
Blocked: Yes
========================
Time: Fri May 22 04:05:52 2015 -0400
IP: 117.205.184.224 (IN/India/-)
Failures: 10 (ftpd)
Interval: 300 seconds
Blocked: Yes
==================================
Time: Fri May 22 04:10:42 2015 -0400
IP: 82.205.105.195 (PS/Palestinian Territory/-)
Failures: 10 (ftpd)
Interval: 300 seconds
Blocked: Yes
========================
Time: Fri May 22 04:52:36 2015 -0400
IP: 58.251.146.174 (CN/China/reverse.gdsz.cncnet.net)
Failures: 10 (ftpd)
Interval: 300 seconds
Blocked: Yes
======================

 

[Ickie]

Time: Fri May 22 07:28:23 2015 -0400
IP: 5.107.0.20 (AE/United Arab Emirates/-)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
===================================
Time: Fri May 22 08:18:59 2015 -0400
IP: 117.253.190.76 (IN/India/-)
Failures: 10 (ftpd)
Interval: 300 seconds
Blocked: Yes
=============================
Time: Fri May 22 08:21:04 2015 -0400
IP: 70.91.125.165 (US/United States/70-91-125-165-michigan.hfc.comcastbusiness.net)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
==============================
Time: Fri May 22 08:56:57 2015 -0400
IP: 212.42.125.207 (KG/Kyrgyzstan/212-42-125-207.elcat.kg)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
=====================================
Time: Fri May 22 09:37:45 2015 -0400
IP: 122.169.34.231 (IN/India/abts-mh-dynamic-231.34.169.122.airtelbroadband.in)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
=====================================
Time: Fri May 22 11:58:23 2015 -0400
IP: 95.8.96.185 (TR/Turkey/95.8.96.185.dynamic.ttnet.com.tr)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
======================================
Time: Fri May 22 15:01:54 2015 -0400
IP: 81.213.71.183 (TR/Turkey/81.213.71.183.dynamic.ttnet.com.tr)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
===================================
Time: Fri May 22 15:18:10 2015 -0400
IP: 196.12.153.45 (MU/Mauritius/-)
Hits: 11
Blocked: Permanent Block
==================================
Time: Fri May 22 16:50:14 2015 -0400
IP: 222.124.200.250 (ID/Indonesia/250.subnet222-124-19.astinet.telkom.net.id)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
=====================================
Time: Fri May 22 17:36:43 2015 -0400
IP: 61.62.220.60 (TW/Taiwan/61-62-220-60-adsl-chu.STATIC.so-net.net.tw)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
===================================
Time: Fri May 22 18:59:22 2015 -0400
IP: 59.40.230.114 (CN/China/114.230.40.59.broad.sz.gd.dynamic.163data.com.cn)
Hits: 11
Blocked: Permanent Block
==================================
Time: Fri May 22 19:48:23 2015 -0400
IP: 112.70.20.103 (JP/Japan/112-70-20-103f1.hyg1.eonet.ne.jp)
Hits: 11
Blocked: Permanent Block
===============================
Time: Fri May 22 22:06:46 2015 -0400
IP: 100.2.245.16 (US/United States/static-100-2-245-16.nycmny.fios.verizon.net)
Failures: 10 (ftpd)
Interval: 300 seconds
Blocked: Yes
====================
Time: Fri May 22 22:39:33 2015 -0400
IP: 190.233.241.102 (PE/Peru/-)
Failures: 10 (ftpd)
Interval: 300 seconds
Blocked: Yes
====================

 

[Landman]

Why would the govt. of any given country attack a hobbyist flightsim site?

Unscrupulous payware vendors may have a motive. Little teenage losers with no real friends and nothing better to do may do it for revenge for some perceived wrong someone did to them here. But why would a government do it? It's not like we are political activists speaking against any of them. I am not trying to disagree with you I am just trying to understand motives.

 

[WarHorse47]

I am not trying to disagree with you I am just trying to understand motives.

Good luck on that one.

 

[Tako_Kichi]

Unscrupulous governments have zero interest in the content/purpose of the sites they attack/probe, they are simply looking for unprotected and vulnerable sites that they can then exploit by adding their own nefarious code to use as and when desired. If they can amass thousands/millions of sites which can be triggered to run their 'code bombs' they can quickly cripple huge blocks of the internet and bring down Western commercial and government infrastructures.

The attacks could also be religion or ideology based, they don't like many of the things we take for granted in the West and see it as their duty to wipe it out.

 

[Ickie]

Time: Sat May 23 00:48:46 2015 -0400
IP: 123.239.84.50 (IN/India/-)
Failures: 10 (ftpd)
Interval: 300 seconds
Blocked: Yes
=======================
Time: Sat May 23 01:06:19 2015 -0400
IP: 151.80.93.2 (FR/France/-)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
======================
Time: Sat May 23 01:09:35 2015 -0400
IP: 183.89.121.149 (TH/Thailand/mx-ll-183.89.121-149.dynamic.3bb.co.th)
Failures: 10 (ftpd)
Interval: 300 seconds
Blocked: Yes
==========================
Time: Sat May 23 04:15:36 2015 -0400
IP: 49.113.178.111 (CN/China/-)
Failures: 10 (ftpd)
Interval: 300 seconds
Blocked: Yes
===============================
Time: Sat May 23 08:04:45 2015 -0400
IP: 155.133.19.148 (PL/Poland/tarahumarekt.com)
Failures: 5 (cpanel)
Interval: 300 seconds
Blocked: Yes
================================
Time: Sat May 23 08:11:01 2015 -0400
IP: 223.206.248.91 (TH/Thailand/mx-ll-223.206.248-91.dynamic.3bb.co.th)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
=======================
Time: Sat May 23 08:23:39 2015 -0400
IP: 190.233.222.67 (PE/Peru/-)
Failures: 10 (ftpd)
Interval: 300 seconds
Blocked: Yes
=========================
Time: Sat May 23 13:01:51 2015 -0400
IP: 203.215.118.221 (PH/Philippines/-)
Failures: 10 (ftpd)
Interval: 300 seconds
Blocked: Yes
===========================
Time: Sat May 23 14:47:38 2015 -0400
IP: 195.158.26.92 (UZ/Uzbekistan/-)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
===============================
Time: Sat May 23 15:06:35 2015 -0400
IP: 112.90.37.238 (CN/China/-)
Failures: 10 (ftpd)
Interval: 300 seconds
Blocked: Yes
============================
Time: Sat May 23 15:19:25 2015 -0400
IP: 180.242.23.165 (ID/Indonesia/-)
Failures: 10 (ftpd)
Interval: 300 seconds
Blocked: Yes
=========================
Time: Sat May 23 15:46:04 2015 -0400
IP: 41.82.44.81 (SN/Senegal/-)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
=========================
Time: Sat May 23 16:41:04 2015 -0400
IP: 122.199.130.57 (KR/Korea, Republic of/static.122-199-130-57.nexg.net)
Hits: 11
Blocked: Permanent Block
==========================
Time: Sat May 23 17:50:16 2015 -0400
IP: 185.60.229.51 (PL/Poland/as201451-rev.185.60.229.51.v-net.pro)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
==============================
Time: Sat May 23 18:14:38 2015 -0400
IP: 218.203.12.105 (CN/China/-)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
========================================
Time: Sat May 23 20:57:27 2015 -0400
IP: 205.221.56.11 (US/United States/lunch.ankenyschools.org)
Hits: 11
Blocked: Permanent Block
======================
Time: Sat May 23 23:14:52 2015 -0400
IP: 58.251.146.189 (CN/China/reverse.gdsz.cncnet.net)
Failures: 10 (ftpd)
Interval: 300 seconds
Blocked: Yes

 

[Ickie]

this is not legal and if I were to get caught hacking them I would be in jail, and if caught in their country a be-heading would be in order.

This is why I am stepping up and posting the countries and their IP addresses as proof, maybe they will stop trying to hack us and move along, if not maybe I will try and find an international lawyer then offer him/her half and sue the owners of the IP for a million bucks per hit, that's a lotta millions per day, lol.

 

[Ickie]

since I started this a few days ago, China and Russia has backed off, I was getting them every hour before I started posting my attacks.

 

[Ickie]

Time: Sun May 24 00:42:39 2015 -0400
IP: 204.93.169.191 (US/United States/unknown.ord.scnet.net)
Failures: 10 (ftpd)
Interval: 300 seconds
Blocked: Yes
================
Time: Sun May 24 03:11:59 2015 -0400
IP: 158.181.144.77 (KG/Kyrgyzstan/158.181.144.77.mega.kg)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
====================
Time: Sun May 24 04:52:45 2015 -0400
IP: 158.181.149.67 (KG/Kyrgyzstan/158.181.149.67.mega.kg)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
=========================
Time: Sun May 24 05:23:38 2015 -0400
IP: 88.226.73.193 (TR/Turkey/88.226.73.193.dynamic.ttnet.com.tr)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
=======================
Time: Sun May 24 13:01:10 2015 -0400
IP: 43.252.205.118 (IN/India/-)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
========================
Time: Sun May 24 15:20:02 2015 -0400
IP: 93.174.91.26 (NL/Netherlands/yourfile.tv)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
=====================
Time: Sun May 24 15:32:35 2015 -0400
IP: 112.90.37.250 (CN/China/-)
Failures: 10 (ftpd)
Interval: 300 seconds
Blocked: Yes
========================
Time: Sun May 24 15:52:03 2015 -0400
IP: 115.28.173.125 (CN/China/-)
Failures: 10 (ftpd)
Interval: 300 seconds
Blocked: Yes
======================
Time: Sun May 24 16:03:04 2015 -0400
IP: 173.208.184.21 (US/United States/-)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
===========================
Time: Sun May 24 16:10:20 2015 -0400
IP: 182.185.127.3 (PK/Pakistan/-)
Failures: 10 (ftpd)
Interval: 300 seconds
Blocked: Yes
=============================
Time: Sun May 24 16:36:59 2015 -0400
IP: 37.77.51.35 (IQ/Iraq/-)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
============================
Time: Sun May 24 18:18:43 2015 -0400
IP: 203.158.221.176 (TH/Thailand/db176.rmutr.ac.th)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
============================

 

[stansdds]

Time: Sun May 24 00:42:39 2015 -0400
IP: 204.93.169.191 (US/United States/unknown.ord.scnet.net)
Failures: 10 (ftpd)
Interval: 300 seconds
Blocked: Yes
================
Time: Sun May 24 03:11:59 2015 -0400
IP: 158.181.144.77 (KG/Kyrgyzstan/158.181.144.77.mega.kg)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
====================
Time: Sun May 24 04:52:45 2015 -0400
IP: 158.181.149.67 (KG/Kyrgyzstan/158.181.149.67.mega.kg)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
=========================
Time: Sun May 24 05:23:38 2015 -0400
IP: 88.226.73.193 (TR/Turkey/88.226.73.193.dynamic.ttnet.com.tr)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
=======================

Good job, Ickie! Have a cold one and put it on my tab.

 

[Ickie]

May 25th 2015
=============
Time: Mon May 25 02:35:53 2015 -0400
IP: 222.247.123.222 (CN/China/-)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
=========================
Time: Mon May 25 05:38:52 2015 -0400
IP: 146.0.42.109 (DE/Germany/ca240.calcit.fastwebserver.de)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
=============5 HR's===============
Time: Mon May 25 10:14:44 2015 -0400
IP: 107.160.59.26 (US/United States/-)
Failures: 10 (ftpd)
Interval: 300 seconds
Blocked: Yes
==============9.5 HR's=====================
Time: Mon May 25 19:48:27 2015 -0400
IP: 41.74.167.2 (RW/Rwanda/-)
Hits: 11
Blocked: Permanent Block
=============================
Time: Mon May 25 20:26:24 2015 -0400
IP: 176.31.2.15 (FR/France/-)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
=====================
Time: Mon May 25 21:54:06 2015 -0400
IP: 222.129.237.65 (CN/China/-)
Hits: 11
Blocked: Permanent Block
=======================
Time: Mon May 25 23:32:35 2015 -0400
IP: 91.200.12.79 (UA/Ukraine/416.2015.com)
Hits: 11
Blocked: Permanent Block
==================

 

[Ickie]

wow only 3 in the past 19 hours, exposing seems to work, hey the Russian Federation has not attacked in over 4 days, maybe I can now remove them from my country block list, heck I will do this now.
I removed all countries from my country blocked list

 

[Henry]

Shoot!

AN IVE TRIED SO HARDAT LEAST 49 OTHERS FAILED
THE HAPPY HACKER AICH

 

[Ickie]

Time: Tue May 26 00:11:51 2015 -0400
IP: 94.153.20.254 (UA/Ukraine/94-153-20-254-gprs.kyivstar.net)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
==================
Time: Tue May 26 00:50:37 2015 -0400
IP: 74.7.98.170 (US/United States/-)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
===========================
Time: Tue May 26 01:42:57 2015 -0400
IP: 59.184.131.213 (IN/India/triband-mum-59.184.131.213.mtnl.net.in)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
========================
Time: Tue May 26 01:51:31 2015 -0400
IP: 117.228.56.204 (IN/India/-)
Failures: 10 (ftpd)
Interval: 300 seconds
Blocked: Yes
=========================
Time: Tue May 26 01:54:50 2015 -0400
IP: 59.184.140.240 (IN/India/triband-mum-59.184.140.240.mtnl.net.in)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
====================
Time: Tue May 26 01:58:57 2015 -0400
IP: 59.184.144.60 (IN/India/triband-mum-59.184.144.60.mtnl.net.in)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
============================
Time: Tue May 26 02:01:25 2015 -0400
IP: 59.184.146.2 (IN/India/triband-mum-59.184.146.2.mtnl.net.in)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
===================
Time: Tue May 26 02:03:31 2015 -0400
IP: 59.184.147.230 (IN/India/triband-mum-59.184.147.230.mtnl.net.in)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
======================
Time: Tue May 26 02:08:53 2015 -0400
IP: 59.184.151.225 (IN/India/triband-mum-59.184.151.225.mtnl.net.in)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
=======================
Time: Tue May 26 02:42:17 2015 -0400
IP: 113.166.31.179 (VN/Vietnam/localhost)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
=====================
Time: Tue May 26 04:40:14 2015 -0400
IP: 222.82.33.205 (CN/China/-)
Failures: 10 (ftpd)
Interval: 300 seconds
Blocked: Yes
========================
Time: Tue May 26 04:50:19 2015 -0400
IP: 101.50.3.32 (ID/Indonesia/-)
Hits: 11
Blocked: Permanent Block
=======================
Time: Tue May 26 06:03:44 2015 -0400
IP: 193.189.116.22 (PL/Poland/193.189.116.22.host.e-ring.pl)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
========================
Time: Tue May 26 11:57:37 2015 -0400
IP: 124.173.119.119 (CN/China/-)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
============================
Time: Tue May 26 12:41:54 2015 -0400
IP: 177.200.212.34 (BR/Brazil/-)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
=====================
Time: Tue May 26 12:47:59 2015 -0400
IP: 59.78.93.205 (CN/China/-)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
======================
Time: Tue May 26 14:56:21 2015 -0400
IP: 216.37.125.162 (CA/Canada/-)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
=========================
Time: Tue May 26 17:07:24 2015 -0400
IP: 122.13.2.196 (CN/China/-)
Failures: 10 (ftpd)
Interval: 300 seconds
Blocked: Yes
=======================
Time: Tue May 26 20:01:33 2015 -0400
IP: 183.88.84.46 (TH/Thailand/mx-ll-183.88.84-46.dynamic.3bb.co.th)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
==========================
Time: Tue May 26 20:36:22 2015 -0400
IP: 86.162.168.60 (GB/United Kingdom/host86-162-168-60.range86-162.btcentralplus.com)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
=====================
Time: Tue May 26 22:08:00 2015 -0400
IP: 189.206.130.25 (MX/Mexico/-)
Failures: 5 (smtpauth)
Interval: 300 seconds
Blocked: Yes
==================

 

[AussieMan]

It looks like the Indians are the worst. Followed by China.

 

[gman5250]

If everyone would (could) take a pro active position and turn these attacks back upon the perps...things would change in a hurry.

These pings are part of an aggressive series of invasive algorithms designed to harvest meta data from social media sites. The intent is to crunch the metadata and overlay the social behaviors onto existing geographic and demographic maps. This data is then "gamed" to predict trends etc. The data is also sold, under protection of third party regulations, to any and every one interested in obtaining the information.

It is inherently illegal...but when did that stop anyone from doing it in the past. The pings come from governments and, more importantly, international corporate interests who are keen to exploit the technology to its fullest in search of profit$$$.

William Binney is the best resource for real info in this arena. Mr. Binney was formerly the top coder at NSA and has much to say on the subject including naming projects like Echelon and the multi layered tech ops now running out of Utah.

All of the new operating systems and hardware have back doors built in, which allows this to continue. It is virtually impossible to keep them from coming in, but when you put light on these spooks, the tend to evaporate...only to return later when you've quite looking.

Windows 10 is very likely coded with user friendly bd's for NSA, Facebook, Google and the various other spook sponsored operators who get big bucks for your data. I would speculate that this is one of the reason's it is being offered as a free upgrade. Since the FCC's aggressive takeover of the internet, it could be argued that there is a connection between these two recent developments running concurrently. I personally choose to err on the side of caution.

Unfortunately I'm not FOS on this one...I've accumulated masses of reliable intel on this. Hope I don't step on any toes...but I've been following this conversation since it was first posted.

If admin finds this post to be offensive...you have my permission to remove it at your discretion.

 

[Landman]

Would subscribing to one of those payware secure socket layer tunneling anonymizers do any good?

 

[gman5250]

I listened to a very interesting interview with John "Captain Crunch" Draper a few months ago. He said he was working on an encryption, I believe it was called "Thundercloud", which would render your data entirely secure. The algorithm restructured itself something like one million times per second. Sounds wild, but if everyone was pinging that out it would throw a pretty nasty data cloud back at the guys on the other end.


I haven't followed up on it lately, but he indicated it would be released later this year. Considering his bone fides, I'd be tempted to take a serious look at it.

I think most everything else out there is still vulnerable. I've listened to quite a few John McAfee interviews where he leans towards this view.