create account

My first hacker attack by neander-squirrel

View this thread on: hive.blogpeakd.comecency.com
· @neander-squirrel · (edited)
$0.49
My first hacker attack
## Hello guys,

I just want to report with great excitement that my new virtual server got it's very first unsuccessful hacker attack :)

I am developing a bot for the Steem community and soon it will be released for all of you to enjoy the services for free! As I was coding today, I've noticed a new connection to the server which wasn't me! o_O

### The attack
![attack](https://i.imgur.com/76vkg1Y.jpg)
Somebody was trying to  break my SSH (secure socket shell) password and gain access to the server.
It was a classic brute force attack. Which is similar when you forget your pass and try some combinations :) The difference is that the attacker uses a machine for that and can try thousands of passwords in a minute.

The first thing they try are common passwords, than words, and names. They have a dictionary!
You might going to laugh but the 3 most widely used password is:
* 12345
* password
* 123456

Be sure, that any attacker would try those first:)
Check out this [wikipedia article](https://en.m.wikipedia.org/wiki/List_of_the_most_common_passwords) for the most common passwords, I hope yours is not amongst them! ;)

### Why there was no danger?
I have a secure password in the server, around 20 characters long.
With that length there is 3.6^39 possible combinations (that's 36 with 38 zeroes behind it). It would take 706 centuries for a powerful machine to break it:) Good luck with that!

### About the attacker
I have traced back the attacker's IP address to china but it doesn't mean too much because he could be anywhere. Here are few stats of the used IP:

![scsh](https://i.imgur.com/ajrVKs5.jpg)

![scsh2](https://i.imgur.com/8Y2CddY.jpg)

### Choose a strong password!
Here are my advices for secure password:
1. Always choose as long as possible password everywhere
2. Do not use words, names
3. Your key should include upper and lowercase characters at least. Even better if you use numbers and special characters too (@$#&%)
4. Do not use the same password at more than one place

## Exciting times :)
***
<sup><sup>Image: [hack](https://commons.m.wikimedia.org/wiki/File:Byseyhanla.jpg) ([CC BY-SA 4.0](https://creativecommons.org/licenses/by-sa/4.0/deed.en))</sup></sup>
👍  , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
properties (23)
authorneander-squirrel
permlinkmy-first-hacker-attack
categoryhacker
json_metadata{"tags":["hacker","attack","developer","steemdev","steem-dev"],"image":["https://i.imgur.com/76vkg1Y.jpg","https://i.imgur.com/ajrVKs5.jpg","https://i.imgur.com/8Y2CddY.jpg"],"links":["https://en.m.wikipedia.org/wiki/List_of_the_most_common_passwords","https://commons.m.wikimedia.org/wiki/File:Byseyhanla.jpg","https://creativecommons.org/licenses/by-sa/4.0/deed.en"],"app":"steemit/0.1","format":"markdown"}
created2017-11-03 05:28:45
last_update2017-11-03 08:12:24
depth0
children25
last_payout2017-11-10 05:28:45
cashout_time1969-12-31 23:59:59
total_payout_value0.440 HBD
curator_payout_value0.054 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length2,203
author_reputation416,506,081,655
root_title"My first hacker attack"
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd0
post_id19,323,012
net_rshares238,498,351,131
author_curate_reward""
vote details (59)
@allabout ·
hi make me link for your discord chanell, im flagged by some autobots :)
👍  
👎  
properties (23)
authorallabout
permlinkre-neander-squirrel-my-first-hacker-attack-20171105t233348230z
categoryhacker
json_metadata{"tags":["hacker"],"app":"steemit/0.1"}
created2017-11-05 23:33:51
last_update2017-11-05 23:33:51
depth1
children9
last_payout2017-11-12 23:33:51
cashout_time1969-12-31 23:59:59
total_payout_value0.000 HBD
curator_payout_value0.000 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length72
author_reputation2,512,443,832,662
root_title"My first hacker attack"
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id19,558,243
net_rshares-59,356,777,044
author_curate_reward""
vote details (2)
@neander-squirrel ·
https://discord.gg/HnZkPT
properties (22)
authorneander-squirrel
permlinkre-allabout-re-neander-squirrel-my-first-hacker-attack-20171105t235906074z
categoryhacker
json_metadata{"tags":["hacker"],"links":["https://discord.gg/HnZkPT"],"app":"steemit/0.1"}
created2017-11-05 23:59:09
last_update2017-11-05 23:59:09
depth2
children0
last_payout2017-11-12 23:59:09
cashout_time1969-12-31 23:59:59
total_payout_value0.000 HBD
curator_payout_value0.000 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length25
author_reputation416,506,081,655
root_title"My first hacker attack"
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id19,559,426
net_rshares0
@steemservices ·
$0.14
properties (23)
authorsteemservices
permlinksteemservices-re-allaboutre-neander-squirrel-my-first-hacker-attack-20171105t233348230z
categoryhacker
json_metadata""
created2017-11-05 23:33:57
last_update2017-11-05 23:33:57
depth2
children7
last_payout2017-11-12 23:33:57
cashout_time1969-12-31 23:59:59
total_payout_value0.138 HBD
curator_payout_value0.000 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length60
author_reputation29,872,431,292,097
root_title"My first hacker attack"
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id19,558,248
net_rshares66,087,908,050
author_curate_reward""
vote details (38)
@allabout ·
now i kill your money idiot
👎  
properties (23)
authorallabout
permlinkre-steemservices-steemservices-re-allaboutre-neander-squirrel-my-first-hacker-attack-20171105t233736424z
categoryhacker
json_metadata{"tags":["hacker"],"app":"steemit/0.1"}
created2017-11-05 23:37:39
last_update2017-11-05 23:37:39
depth3
children5
last_payout2017-11-12 23:37:39
cashout_time1969-12-31 23:59:59
total_payout_value0.000 HBD
curator_payout_value0.000 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length27
author_reputation2,512,443,832,662
root_title"My first hacker attack"
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id19,558,425
net_rshares-66,087,908,050
author_curate_reward""
vote details (1)
@flagfixer ·
@steemservices you were flagged by a worthless gang of trolls, so, I gave you an upvote to counteract it!  Enjoy!!
properties (22)
authorflagfixer
permlinkflagfixer-re-steemservicessteemservices-re-allaboutre-neander-squirrel-my-first-hacker-attack-20171105t233348230z
categoryhacker
json_metadata""
created2018-07-24 15:11:18
last_update2018-07-24 15:11:18
depth3
children0
last_payout2018-07-31 15:11:18
cashout_time1969-12-31 23:59:59
total_payout_value0.000 HBD
curator_payout_value0.000 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length114
author_reputation2,148,467,197,579
root_title"My first hacker attack"
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id65,825,662
net_rshares0
@binkyprod ·
$0.02
Oh my goodness! :o Uh, congratulations? lol It feels funny to say "Your first hacker, wow, that's amazing!" And then "Unsuccessful, amazing!" hehe 

That's one intense password for that amount of zeros, I'm not even sure my brain can process that much. Sooner I found myself telling my husband that I needed to end the conversation so that now that I have "upoaded" the information, I need to process it lol (ADD does that sometimes.)

I'm not sure what those codes mean, but sure, looks accurate, I guess. (shrugs)
👍  
properties (23)
authorbinkyprod
permlinkre-neander-squirrel-my-first-hacker-attack-20171103t055840105z
categoryhacker
json_metadata{"tags":["hacker"],"app":"steemit/0.1"}
created2017-11-03 05:58:33
last_update2017-11-03 05:58:33
depth1
children9
last_payout2017-11-10 05:58:33
cashout_time1969-12-31 23:59:59
total_payout_value0.021 HBD
curator_payout_value0.003 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length515
author_reputation103,994,393,290,019
root_title"My first hacker attack"
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id19,324,357
net_rshares12,805,900,759
author_curate_reward""
vote details (1)
@neander-squirrel ·
Hehe, don't try to imagine that number it's way toooooo big for human brain:)

The code is for people who want to hack the hacker. The numbers are the ports which are open to the world so people can interact with (or hack) his server ;)
properties (22)
authorneander-squirrel
permlinkre-binkyprod-re-neander-squirrel-my-first-hacker-attack-20171103t061718887z
categoryhacker
json_metadata{"tags":["hacker"],"app":"steemit/0.1"}
created2017-11-03 06:17:21
last_update2017-11-03 06:17:21
depth2
children8
last_payout2017-11-10 06:17:21
cashout_time1969-12-31 23:59:59
total_payout_value0.000 HBD
curator_payout_value0.000 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length236
author_reputation416,506,081,655
root_title"My first hacker attack"
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id19,325,264
net_rshares0
@allabout ·
![Capture.JPG](https://steemitimages.com/DQmd6NUyNi9h8EmLTy8Rpo7Z167hybX6drULQ1Ph6inxdUZ/Capture.JPG)
👎  
properties (23)
authorallabout
permlinkre-neander-squirrel-re-binkyprod-re-neander-squirrel-my-first-hacker-attack-20171105t233848757z
categoryhacker
json_metadata{"tags":["hacker"],"image":["https://steemitimages.com/DQmd6NUyNi9h8EmLTy8Rpo7Z167hybX6drULQ1Ph6inxdUZ/Capture.JPG"],"app":"steemit/0.1"}
created2017-11-05 23:38:51
last_update2017-11-05 23:38:51
depth3
children2
last_payout2017-11-12 23:38:51
cashout_time1969-12-31 23:59:59
total_payout_value0.000 HBD
curator_payout_value0.000 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length101
author_reputation2,512,443,832,662
root_title"My first hacker attack"
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id19,558,489
net_rshares-66,087,908,050
author_curate_reward""
vote details (1)
@allabout ·
![Capture.JPG](https://steemitimages.com/DQmd6NUyNi9h8EmLTy8Rpo7Z167hybX6drULQ1Ph6inxdUZ/Capture.JPG)
👎  
properties (23)
authorallabout
permlinkre-neander-squirrel-re-binkyprod-re-neander-squirrel-my-first-hacker-attack-20171105t233913061z
categoryhacker
json_metadata{"tags":["hacker"],"image":["https://steemitimages.com/DQmd6NUyNi9h8EmLTy8Rpo7Z167hybX6drULQ1Ph6inxdUZ/Capture.JPG"],"app":"steemit/0.1"}
created2017-11-05 23:39:15
last_update2017-11-05 23:39:15
depth3
children1
last_payout2017-11-12 23:39:15
cashout_time1969-12-31 23:59:59
total_payout_value0.000 HBD
curator_payout_value0.000 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length101
author_reputation2,512,443,832,662
root_title"My first hacker attack"
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id19,558,506
net_rshares-66,087,908,050
author_curate_reward""
vote details (1)
@allabout ·
![Capture.JPG](https://steemitimages.com/DQmd6NUyNi9h8EmLTy8Rpo7Z167hybX6drULQ1Ph6inxdUZ/Capture.JPG)
👎  
properties (23)
authorallabout
permlinkre-neander-squirrel-re-binkyprod-re-neander-squirrel-my-first-hacker-attack-20171105t234021618z
categoryhacker
json_metadata{"tags":["hacker"],"image":["https://steemitimages.com/DQmd6NUyNi9h8EmLTy8Rpo7Z167hybX6drULQ1Ph6inxdUZ/Capture.JPG"],"app":"steemit/0.1"}
created2017-11-05 23:40:24
last_update2017-11-05 23:40:24
depth3
children1
last_payout2017-11-12 23:40:24
cashout_time1969-12-31 23:59:59
total_payout_value0.000 HBD
curator_payout_value0.000 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length101
author_reputation2,512,443,832,662
root_title"My first hacker attack"
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id19,558,580
net_rshares-66,087,908,050
author_curate_reward""
vote details (1)
@binkyprod ·
Oh ok. So someone can now hack the hacker to find out where he is and who he is...

For some reason, I suddenly have a scene from the Garfeild Halloween special with the old pirate man saying: "They know who you are! They know WHERE you are!"
👍  
properties (23)
authorbinkyprod
permlinkre-neander-squirrel-re-binkyprod-re-neander-squirrel-my-first-hacker-attack-20171103t063802560z
categoryhacker
json_metadata{"tags":["hacker"],"app":"steemit/0.1"}
created2017-11-03 06:37:54
last_update2017-11-03 06:37:54
depth3
children0
last_payout2017-11-10 06:37:54
cashout_time1969-12-31 23:59:59
total_payout_value0.000 HBD
curator_payout_value0.000 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length242
author_reputation103,994,393,290,019
root_title"My first hacker attack"
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id19,326,401
net_rshares6,588,924,013
author_curate_reward""
vote details (1)
@smallbites ·
Thanks for Ginabot,
properties (22)
authorsmallbites
permlinkre-neander-squirrel-my-first-hacker-attack-20180830t062132686z
categoryhacker
json_metadata{"tags":["hacker"],"app":"steemit/0.1"}
created2018-08-30 06:21:33
last_update2018-08-30 06:21:33
depth1
children0
last_payout2018-09-06 06:21:33
cashout_time1969-12-31 23:59:59
total_payout_value0.000 HBD
curator_payout_value0.000 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length19
author_reputation4,839,521,708,182
root_title"My first hacker attack"
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id69,767,859
net_rshares0
@themarkymark ·
$0.02
I highly recommend you disable root access, change SSH Port, and disable password authentication.  These are all done in sshd_config. 

You will want to setup an ssh key (I recommend the newer standard ed255190) and only allow access via ssh key.

I would also install Fail2Ban, and customize it for the new SSH port.

If you don't already, make sure you have iptables or ufw firewall enabled and properly configured.
👍  
properties (23)
authorthemarkymark
permlinkre-neander-squirrel-my-first-hacker-attack-20171103t084648887z
categoryhacker
json_metadata{"tags":["hacker"],"app":"steemit/0.1"}
created2017-11-03 08:46:45
last_update2017-11-03 08:46:45
depth1
children0
last_payout2017-11-10 08:46:45
cashout_time1969-12-31 23:59:59
total_payout_value0.018 HBD
curator_payout_value0.006 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length417
author_reputation1,779,987,785,957,669
root_title"My first hacker attack"
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id19,333,817
net_rshares12,531,977,748
author_curate_reward""
vote details (1)
@warmachine · (edited)
$0.03
My friends and I are running a VPS for personal development projects and we had the same happened to us. It seems there is just an abundance of idiots probing for insecure servers via SSH. I couldn't agree more with your message -- Strong passwords save lives. :)
👍  
properties (23)
authorwarmachine
permlinkre-neander-squirrel-my-first-hacker-attack-20171109t003249603z
categoryhacker
json_metadata{"tags":["hacker"],"app":"steemit/0.1"}
created2017-11-09 00:32:54
last_update2017-11-09 00:33:21
depth1
children2
last_payout2017-11-16 00:32:54
cashout_time1969-12-31 23:59:59
total_payout_value0.025 HBD
curator_payout_value0.000 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length263
author_reputation249,956,701
root_title"My first hacker attack"
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id19,824,334
net_rshares12,737,935,255
author_curate_reward""
vote details (1)
@neander-squirrel · (edited)
Since than I disabled root login and login with password. Now it is unbreakable:)

Also it killed the joy out of it as I can't watch the logs rolling as the attacker trying to break in:/

I'm surprised how fast I got the first attemt of break in. The server was only running since 2-3 days...
👍  
properties (23)
authorneander-squirrel
permlinkre-warmachine-re-neander-squirrel-my-first-hacker-attack-20171109t003757981z
categoryhacker
json_metadata{"tags":["hacker"],"app":"steemit/0.1"}
created2017-11-09 00:38:00
last_update2017-11-09 00:38:39
depth2
children1
last_payout2017-11-16 00:38:00
cashout_time1969-12-31 23:59:59
total_payout_value0.000 HBD
curator_payout_value0.000 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length292
author_reputation416,506,081,655
root_title"My first hacker attack"
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id19,824,574
net_rshares1,635,389,889
author_curate_reward""
vote details (1)
@warmachine ·
Yeah, we've only had ours up for a few weeks as well and same thing. I've enabled 2FA for web access and we've generated SSH keys for each login. Very amusing to watch them attempt to break in.
properties (22)
authorwarmachine
permlinkre-neander-squirrel-re-warmachine-re-neander-squirrel-my-first-hacker-attack-20171110t034010346z
categoryhacker
json_metadata{"tags":["hacker"],"app":"steemit/0.1"}
created2017-11-10 03:40:18
last_update2017-11-10 03:40:18
depth3
children0
last_payout2017-11-17 03:40:18
cashout_time1969-12-31 23:59:59
total_payout_value0.000 HBD
curator_payout_value0.000 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length193
author_reputation249,956,701
root_title"My first hacker attack"
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id19,922,729
net_rshares0