(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Posts Tagged ‘IPS’

Ni Hao Chairman Meow!

I guess from all my posts on the Google debacle and cyberwar I may have gained some attention that I don’t really want. It seems that some folks in China have become rather interested in my little IP address.

Chairman Meow

So nmap’s huh? I mean, well you aren’t really being all stealth are ya chairman? I just love seeing the “peoples republic government systems” in the logs…

Meanwhile, someone attempted a UDP DoS on my system too. The IPS seems to have handled that one just alright.


It’s always fun watching the logs…

Written by Krypt3ia

2010/02/16 at 02:25

Posted in IPS, Logs

Sensing A Pattern

Source | Attack type
SC- DIAL TELECOM Romania | Slammer
DTG Wireless Latvia | DdoS
Grid Hosting Turkey | DOS/SYN
Northern Telephone OSHKOSH | BAD IP
Interserver Inc NJ | DOS/SYN
China Telecom | DOS/SYN
Chinanet | DOS/SYN
UNICOM JL China | DOS/SYN
NINGHAI-XINYANG-LTD China | Slammer
Chinanet AH China | DOS/SYN
CNC Group CHINA169 Zhejiang Province Network | TCP Nmap Scan
MAINT-CHINANET-LN | DOS/SYN
MAINT-CHINANET-SD | Slammer
CHINANET jiangsu province network China | DOS/SYN
Kunde Htech Ltd Co China | DOS/SYN
CHINANET-HN Changsha node network | DOS/SYN
CHINANET Chongqing province network | Slammer
CHINANET SHANDONG PROVINCE NETWORK | DOS/SYN
China Unicom Shandong province network | DOS/SYN
China Unicom Beijing province network | DOS/SYN
TIANJIN-CHANGCHENGZHIBAO-LTD | DOS/SYN
China Unicom Hebei Province Network Korea | DOS/SYN
KORNET-10321992250 | DOS/SYN
ZHEJIANG-PEOPLE-GOV | TCP Nmap Scan
LY-GUANGDIAN-ISP China | Slammer
JINHUA-TELECOM-LTD | Slammer
China Unicom Liaoning province network | DOS/SYN
CHINANET Anhui province network | Slammer
China Mobile Communications Corporation – jiangxi | Slammer
Ratel Company Russia | DOS/SYN
SuperOnline Inc. Turkey | Slammer
CHINACOMM | DOS/SYN
CMNET-jilin | DOS/SYN
BEIJING ZHENG-BO TECHNOLOGY CO.LTD | Slammer
Shanghai University | DOS/SYN App Anomaly RPC
CHINANET Sichuan province network | DOS/SYN
SC-MY-SJDF-LTD China | DOS/SYN
CHINANET-ZJ-HZ | DOS/SYN
CNC Group CHINA169 Zhejiang Province Network | TCP Nmap Scan
CUCBUUDIENTW-NET | DOS/SYN
JIAXING-TELECOM-LTD | DOS/SYN
SJZ-FriendshipHotelNorthStateStreetstore China | DOS/SYN
Maxis Communications Bhd Malaysia | DOS/SYN
shantoushitianyingxinxijishuyou China | DOS/SYN
NTT Communications Corporation Japan | BAD IP
CHINANET Shanghai province network | DOS/SYN

Since my little incident with j35t3r I have been paying more attention again to the IDS. In the last few days alone the system has seen some interesting traffic including another DDoS attempt from Latvia. I am seeing a pattern though for the most part. Our Chinese overlords have a lot of traffic coming my way from worms.

Also interesting to note is the Nmap traffic, guess some folks got interested in my system to see what ports I have open. They went away unhappy though. Kinda makes you wonder what your traffic is like huh? It also might make you wonder just how much your system is protected.. If it is at all.

If you are interested, you can take a scan for yourself with Shields Up. It’s a system in place to run a Nessus scan against your IP address and see what’s what. It does a good job and will tell you what ports are open and perhaps what vulns you might have.

Just remember, if you have a persistent connection and your machine is on.. Well, they are knocking at the door.


Written by Krypt3ia

2010/01/24 at 01:23