Quoting Post Archived Topic: It will not be bumped to the top of the forum. Topic Are these people trying to hack my computer? Membername   Not a member? Sign Up Free (takes 20 seconds) Password   Forgotten your password? Post Font: Verdana Arial Black Georgia Comic Sans Impact   Size: Tiny Normal Big Huge   Color: Default Dark Red Red Orange Brown Green Olive Cyan Blue Dark Blue Indigo Black [ Check Spelling ] [ Post Preview ] [ LiveTags ] Quote: from [m]leoneo[/m] at 2:19 pm on Jan. 20, 2008[quote]Well, I finally got my Linux machine up and running again.. And I decided that I would load up an SSH daemon on it so that I could access it remotely.. over SSH.. Anyway this is the first time I have ever used something like this. I have some knowledge on network security and stuff but I still don't have much experience. Last night I decided to take a look at my logs just to see if anything was going on before I went to bed. It seemed there was someone trying to guess my root password over SSH for like 3 hours!! After I did a whois search on the IP address it came back with a few e-mail addresses to contact a network administrator and the country of origin was... Taiwan.. Why is some dude in Taiwan trying to log into my SSH service for 3 hours?? Maybe it's a proxy chain? Not only that but I decided to look at the incoming log table on my router to see if there was anything going on not regarding my SSH daemon. and ton's of IP addresses are coming from Asian countries such as Taiwan, China, and Hong Kong. Destined for ports that seem almost random.. (port scanning maybe?) today I was looking at things to protect against SSH dictionary attacks and found a few perl scripts to protect my computer, but is this normal? or am I just being paranoid?[/quote] FAQ Keyword Search: Post Options Favorites Manager Notify me of new replies to this topic by email Notify me of new replies to this topic by private message Original Post leoneo Posted at 2:19 pm on Jan. 20, 2008 Well, I finally got my Linux machine up and running again.. And I decided that I would load up an SSH daemon on it so that I could access it remotely.. over SSH.. Anyway this is the first time I have ever used something like this. I have some knowledge on network security and stuff but I still don't have much experience. Last night I decided to take a look at my logs just to see if anything was going on before I went to bed. It seemed there was someone trying to guess my root password over SSH for like 3 hours!! After I did a whois search on the IP address it came back with a few e-mail addresses to contact a network administrator and the country of origin was... Taiwan.. Why is some dude in Taiwan trying to log into my SSH service for 3 hours?? Maybe it's a proxy chain? Not only that but I decided to look at the incoming log table on my router to see if there was anything going on not regarding my SSH daemon. and ton's of IP addresses are coming from Asian countries such as Taiwan, China, and Hong Kong. Destined for ports that seem almost random.. (port scanning maybe?) today I was looking at things to protect against SSH dictionary attacks and found a few perl scripts to protect my computer, but is this normal? or am I just being paranoid?

Replies Macropiper Posted at 10:11 pm on Jan. 23, 2008 If they are trying to break into your root account, then yes, that is pretty much the definition of trying to hack a computer. ihax Posted at 2:17 pm on Jan. 21, 2008 Someone could be using a program like nmap to probe random computers for open ports, and they might have just randomly found yours. Cingular Wireless Posted at 12:37 pm on Jan. 21, 2008 I wouln't leave any ports that you don't need open because they probaly are trying to hack your computer by using a random ip generator and port scanner. Does your router have a firewall as well? All 3 previous replies displayed.