Download your favorite Linux distribution at LQ ISO.
Go Back > Forums > Linux Forums > Linux - News > Syndicated Linux News
User Name
Syndicated Linux News This forum is for the discussion of Syndicated Linux News stories.


  Search this Thread
Old 03-19-2007, 06:31 PM   #1
LXer NewsBot
Registered: Dec 2005
Posts: 114,836

Rep: Reputation: 118Reputation: 118
LXer: Most Computer Attacks Originate in U.S.

Published at LXer:

The United States generates more malicious computer activity than any other country, and sophisticated hackers worldwide are banding together in highly efficient crime rings, according to a new report.

Old 03-19-2007, 06:47 PM   #2
Senior Member
Registered: Sep 2003
Posts: 3,171

Rep: Reputation: 116Reputation: 116
I don't believe it.

My evidence isn't terribly systematic because it represents my experience with my own sites and only my own sites but my experience pretty much contradicts the claim that most attacks originate in the US.

For some time, I have been working to cut down the attacks on my sites, represented by spamming of message boards and attempted hacks/cracks. This has caused me to spend a lot of time reading site logs and following traffic.

Here is what I have seen. As I progressively tightened up my sites, mostly by denying access to entire nations that were (a) not my customers and (b) the apparent sources of my problems, I observed an interesting phenomenon. An attack would originate, most commonly in Eastern Europe, and would fail due to the nation of origin being banned. Then, often, the same attack would be attempted (as identified by referrer, target url, and time frames) from other IP addresses scattered all over the globe until they hit an IP address in a nation that was not banned. Commonly this IP turns out to be in the US since I can't/won't ban US IP ranges (though I will ban individual IPs if I can identify them as broadband) and I will quickly ban IP ranges from a non english speaking country (my marketplace is pretty much restricted to the english speaking world...maybe someday I'll expand beyond that but presently I lack the resources).

So, what we have is an attack that commonly originates in Russia and tries various vectors from around the world until it finds a way through. So, the attack then appears to originate from the US, when in fact the machine in the US is a zombie owned by some unwitting fool.

I really have no reason to believe that my experience is abnormal, but my data is certainly not comprehensive. Nonetheless, I think that I know enough to cry "BS" to the Wired article (which, BTW, comes with an AP tagline - and everyone knows how bad AP is.)

Last edited by jiml8; 03-19-2007 at 06:49 PM.
Old 03-19-2007, 06:57 PM   #3
Senior Member
Registered: Aug 2003
Location: Glasgow
Distribution: Fedora / Solaris
Posts: 3,109

Rep: Reputation: 96
I'm not buying either. The vast majority of SSH scans and brute force attacks I have experienced have been from Eastern Europe.



Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: A third of dodgy emails are phishing attacks LXer Syndicated Linux News 0 09-05-2006 10:21 AM
LXer: MS Assaults Customers with First Wave of Attacks LXer Syndicated Linux News 4 05-26-2006 02:03 PM
LXer: SANS warns of zero day attacks LXer Syndicated Linux News 0 05-01-2006 07:21 PM
LXer: Microsoft under new legal attacks LXer Syndicated Linux News 0 02-23-2006 05:46 PM
LXer: Trojan Attacks Google AdSense LXer Syndicated Linux News 0 01-02-2006 07:01 PM > Forums > Linux Forums > Linux - News > Syndicated Linux News

All times are GMT -5. The time now is 09:36 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration