Thursday, August 07, 2014

Hackers and Twats


So, as a test in yesterday's post I purposefully left some details of my Internet accessible Centos 70 system out there to see if there are any

Wankers, Twats or Hackers

who would try to break into my system.  In just 9 hours there have been over 450 bogus logon attempts.

Here is the list of distinct Internet Addresses / names

business-86-101-234-57.business.broadband.hu
23.102.165.120
31.135.72.84
42.62.17.250
58.83.146.252
60.169.75.68
60.173.11.100
61.153.105.66
61.174.51.194
61.242.169.7
61.55.156.196
62.43.188.9.static.user.ono.com
82.221.106.233
82.99.186.25
94.102.49.20
113.107.233.165
116.10.191.210
117.21.226.206
118.122.92.7
122.225.103.125
122.49.20.185
123.30.214.137
123.7.109.36
144.0.0.33
162.212.34.75
188.113.13.132
195.230.113.7
198.98.122.64
199.166.4.57
207.46.146.111
210.211.99.244
212-83-150-47.rev.poneytelecom.eu
213.191.74.16
218.59.209.136

222.163.192.151


and this is the list of userids they tried

6
a
accounti
adm
admin
administ
alias
andy
auto
b
bind
btmp
bwadmin
c
cassandr
claudia
client
cmsftp
cvsadmin
cyrus
dasusr1
db2admin
db2fenc1
db2inst1
dff
ftp
ftpuser
games
git
guest
hadoop
halt
hello
hmsftp
i
info
j
jboss
jira
k
kat
l
ma
mailuser
manager
media
minecraf
modem
mysql
nagios
operator
oracle
pat
peters
pi
PlcmSpIp
postgres
q
root
rsync
sparky
support
syslog
t
teamspea
temp
test
test1
teste
tester
testuser
tmp
tomcat
trade
ts3
ubnt
ucpss
user
user1
user6
uucp
velma
vyatta
web5
webadmin
weblogic
www
xx
xxxxxxxx
y
zabbix

zotya

Stepping Back
Going back a few decades hacking computers was mostly an intellectual, /let's see if this can be done/ exercise without malicious intent.

Those days are gone.

One important consideration if you are a business with a local computer installation or Datacentre:   If you outsource to Cloud then your systems are not protected by a Customer access only private IP network, your Cloud machines are just as accessible to a would be malicious hacker login as they are to you.

So be careful and vigilant.


 /usr/sbin/usermod -s /sbin/nologin tomcat