"Asia Pacific Network Information Centre"
-
One of my internet connected servers keeps getting RDP login attempts from an IP address, which according to a whois lookup, belongs to some company in Australia I have never heard of. The login attempts are now numbering in the hundreds. Another very worrying IP address that has been trying to login to the server belongs to "RIPE Network Coordination Centre". After a search on the internet, this company is described as "The RIPE NCC is one of five Regional Internet Registries (RIRs) providing Internet resource allocations, registration services and coordination activities that support the operation of the Internet globally." Why would a company like this be trying to login to my server? Edit: In total, the number of failed login attempts by various IP addresses is: 14402 :wtf: What's going on?!
See if you can crack this: b749f6c269a746243debc6488046e33f
So far, no one seems to have cracked this!The unofficial awesome history of Code Project's Bob! "People demand freedom of speech to make up for the freedom of thought which they avoid."
-
Oh right :sigh:
See if you can crack this: b749f6c269a746243debc6488046e33f
So far, no one seems to have cracked this!The unofficial awesome history of Code Project's Bob! "People demand freedom of speech to make up for the freedom of thought which they avoid."
-
One of my internet connected servers keeps getting RDP login attempts from an IP address, which according to a whois lookup, belongs to some company in Australia I have never heard of. The login attempts are now numbering in the hundreds. Another very worrying IP address that has been trying to login to the server belongs to "RIPE Network Coordination Centre". After a search on the internet, this company is described as "The RIPE NCC is one of five Regional Internet Registries (RIRs) providing Internet resource allocations, registration services and coordination activities that support the operation of the Internet globally." Why would a company like this be trying to login to my server? Edit: In total, the number of failed login attempts by various IP addresses is: 14402 :wtf: What's going on?!
See if you can crack this: b749f6c269a746243debc6488046e33f
So far, no one seems to have cracked this!The unofficial awesome history of Code Project's Bob! "People demand freedom of speech to make up for the freedom of thought which they avoid."
The IP address can be spoofed right?
Vasudevan Deepak Kumar Personal Homepage
Tech Gossips
The woods are lovely, dark and deep, But I have promises to keep, And miles to go before I sleep, And miles to go before I sleep! -
One of my internet connected servers keeps getting RDP login attempts from an IP address, which according to a whois lookup, belongs to some company in Australia I have never heard of. The login attempts are now numbering in the hundreds. Another very worrying IP address that has been trying to login to the server belongs to "RIPE Network Coordination Centre". After a search on the internet, this company is described as "The RIPE NCC is one of five Regional Internet Registries (RIRs) providing Internet resource allocations, registration services and coordination activities that support the operation of the Internet globally." Why would a company like this be trying to login to my server? Edit: In total, the number of failed login attempts by various IP addresses is: 14402 :wtf: What's going on?!
See if you can crack this: b749f6c269a746243debc6488046e33f
So far, no one seems to have cracked this!The unofficial awesome history of Code Project's Bob! "People demand freedom of speech to make up for the freedom of thought which they avoid."
They're probably trying to brute force a password. Hopefully you picked a really strong one. :~ Maybe you can block that IP address.
-
One of my internet connected servers keeps getting RDP login attempts from an IP address, which according to a whois lookup, belongs to some company in Australia I have never heard of. The login attempts are now numbering in the hundreds. Another very worrying IP address that has been trying to login to the server belongs to "RIPE Network Coordination Centre". After a search on the internet, this company is described as "The RIPE NCC is one of five Regional Internet Registries (RIRs) providing Internet resource allocations, registration services and coordination activities that support the operation of the Internet globally." Why would a company like this be trying to login to my server? Edit: In total, the number of failed login attempts by various IP addresses is: 14402 :wtf: What's going on?!
See if you can crack this: b749f6c269a746243debc6488046e33f
So far, no one seems to have cracked this!The unofficial awesome history of Code Project's Bob! "People demand freedom of speech to make up for the freedom of thought which they avoid."
-
They're probably trying to brute force a password. Hopefully you picked a really strong one. :~ Maybe you can block that IP address.
It was a reasonably strong password before, but just in case, I've made a new password that is 17 characters long.
See if you can crack this: b749f6c269a746243debc6488046e33f
So far, no one seems to have cracked this!The unofficial awesome history of Code Project's Bob! "People demand freedom of speech to make up for the freedom of thought which they avoid."
-
Buffer overflows, Security Exploits -- these seem to be some of the buzz words frequently appearing in Microsoft security bulletins and patches. I am wondering if this is Microsoft strategy to maintain jobs for their section of employees by retaining and injecting bugs? Can't they deliver one piece of code which is free of such unit-testing category bugs that even my dog will not miss?
Vasudevan Deepak Kumar Personal Homepage
Tech Gossips
The woods are lovely, dark and deep, But I have promises to keep, And miles to go before I sleep, And miles to go before I sleep! -
It was a reasonably strong password before, but just in case, I've made a new password that is 17 characters long.
See if you can crack this: b749f6c269a746243debc6488046e33f
So far, no one seems to have cracked this!The unofficial awesome history of Code Project's Bob! "People demand freedom of speech to make up for the freedom of thought which they avoid."
17 characters, eh? Thanks for letting me know the exact length. I can now save a little time by not checking any other length.
-
17 characters, eh? Thanks for letting me know the exact length. I can now save a little time by not checking any other length.
I bet you can sell that info for a pretty penny to someone at APNIC... :)
".45 ACP - because shooting twice is just silly" - JSOP, 2010
-----
You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010
-----
"Why don't you tie a kerosene-soaked rag around your ankles so the ants won't climb up and eat your candy ass." - Dale Earnhardt, 1997 -
The IP address can be spoofed right?
Vasudevan Deepak Kumar Personal Homepage
Tech Gossips
The woods are lovely, dark and deep, But I have promises to keep, And miles to go before I sleep, And miles to go before I sleep!Spoofed IPs can't complete the TCP three-way-handshake to establish a connection; so they can be only used with UDP (or for good old SYN floods).
-
Buffer overflows, Security Exploits -- these seem to be some of the buzz words frequently appearing in Microsoft security bulletins and patches. I am wondering if this is Microsoft strategy to maintain jobs for their section of employees by retaining and injecting bugs? Can't they deliver one piece of code which is free of such unit-testing category bugs that even my dog will not miss?
Vasudevan Deepak Kumar Personal Homepage
Tech Gossips
The woods are lovely, dark and deep, But I have promises to keep, And miles to go before I sleep, And miles to go before I sleep!You realize that almost any use of a pointer in C outside the array bounds is an exploitable buffer overflow? Even dereferencing a null pointer can be exploitable in some rare cases. It's not just restricted to the simple stack buffers you might remember seeing - in fact those simple cases are difficult or impossible to exploit due to NX and stack cookies, and they're easily detected by static code analysis. But think about more complex code as occurs when parsing complex binary file/message formats; it's extremely hard to test for all possible invalid kinds of input. You rarely have a chance of finding this type of bug without writing a protocol-specific fuzzer. And don't forget that C / C++ have tons of undefined behavior that attackers can exploit. For examples, the standard allows compilers to assume that no overflows happen with signed integers and pointer, and some C compilers have been seen optimizing away security checks because they were "always false" (except for the cases with the integer overflow, which the compiler is allowed to ignore). http://blogs.msdn.com/b/david_leblanc/archive/2008/04/04/evil-compiler-tricks-and-checking-for-pointer-math.aspx[^] I don't think we'll see a reduction in the number of security issues until the industry switches to a safer language. (this isn't a Microsoft-specific problem)
