
Posted: 11/21/2008 6:38:17 AM EDT
Holy christ

Did we piss off the CHINESE this week or something?

IT admin here, and my god damn networks have been getting nailed all week long by Chinese IPs. One minor break-in, and then Denial of service attacks out the ass by the little bastards.


I think these little motherfuckers want a war, might have to go blackhat over the weekend to deal with these little pricks





Link Posted: 11/21/2008 6:48:24 AM EDT
Where do you work?
Link Posted: 11/21/2008 6:51:06 AM EDT
Burn their playhouse down!
Link Posted: 11/21/2008 6:52:12 AM EDT
Is this why my internet has been down at home? They better stop it or I'll boycott their tainted milk.
Link Posted: 11/21/2008 6:55:35 AM EDT
Originally Posted By Yingster:
Where do you work?



YINGster wants to know where you work?


OPSEC!!!! Don't give it to him.








Link Posted: 11/21/2008 6:57:36 AM EDT
Originally Posted By sherrick13:
Originally Posted By Yingster:
Where do you work?



YINGster wants to know where you work?


OPSEC!!!! Don't give it to him.










They are on to us agent Ying!
Link Posted: 11/21/2008 6:58:13 AM EDT
Pentagon Hit by Unprecedented Cyber Attack

As a result of the cyber attack, the Defense Department has banned the use of external hardware devices throughout a vast network of military computers.

http://www.foxnews.com/politics/2008/11/20/pentagon-cyber-siege-unprecedented-attack/
Link Posted: 11/21/2008 6:58:41 AM EDT
Originally Posted By behindenemylines:
Originally Posted By sherrick13:
Originally Posted By Yingster:
Where do you work?



YINGster wants to know where you work?


OPSEC!!!! Don't give it to him.










They are on to us agent Ying!


Quick, burn your code books and your rice paddies! Leave nothing useful behind!
Link Posted: 11/21/2008 6:59:36 AM EDT
They tooled up, and now we are not in a position to buy.
Sure they are pissed.
Link Posted: 11/21/2008 7:02:08 AM EDT
They've been trying to hack into the FTP server I run for years.

Too bad for them it's not even a *nix-based system, so all their attempts to log in as root are futile.

I have firewalled out numerous class A subnets because of that activity.
Link Posted: 11/21/2008 7:11:54 AM EDT
Originally Posted By El-cid:
Pentagon Hit by Unprecedented Cyber Attack

As a result of the cyber attack, the Defense Department has banned the use of external hardware devices throughout a vast network of military computers.

http://www.foxnews.com/politics/2008/11/20/pentagon-cyber-siege-unprecedented-attack/


So this explains the 13 emails from NMCI saying that I can't use a thumb drive anymore...
Link Posted: 11/21/2008 7:12:51 AM EDT
Originally Posted By XD2311:
Originally Posted By El-cid:
Pentagon Hit by Unprecedented Cyber Attack

As a result of the cyber attack, the Defense Department has banned the use of external hardware devices throughout a vast network of military computers.

http://www.foxnews.com/politics/2008/11/20/pentagon-cyber-siege-unprecedented-attack/


So this explains the 13 emails from NMCI saying that I can't use a thumb drive anymore...


Now it is all clear. I had guessed that it had something to do with hacking.
Link Posted: 11/21/2008 7:14:58 AM EDT
Originally Posted By El-cid:
Pentagon Hit by Unprecedented Cyber Attack

As a result of the cyber attack, the Defense Department has banned the use of external hardware devices throughout a vast network of military computers.

http://www.foxnews.com/politics/2008/11/20/pentagon-cyber-siege-unprecedented-attack/


Just reported on fox that it is a worm and it is expected to shut Pentagon computers down sometime between now and inauguration.
Link Posted: 11/21/2008 8:07:11 AM EDT
Fucking swell.

The military spends billions to create an isolated "secure" WAN to prevent hacking and some tool infects the fucking thing via his external hard drive.

Hint: Physical security is just as important as network security.

Link Posted: 11/21/2008 8:09:39 AM EDT
Originally Posted By coltaceguy:
I think these little motherfuckers want a war, might have to go blackhat over the weekend to deal with these little pricks

Stick a honeypot out on an isolated network and watch them hump the thing for a while. Should be good for some laughs.
Link Posted: 11/21/2008 8:10:57 AM EDT
So when do we shut their computers down?
Link Posted: 11/21/2008 9:49:11 AM EDT
Oh no! How is Wally World going to stock their store shelves now???

Link Posted: 11/21/2008 9:54:56 AM EDT
nah
its just skynet getting started
Link Posted: 11/21/2008 9:55:57 AM EDT
The only spam I get these days is from China.
Link Posted: 11/21/2008 9:56:34 AM EDT
China is invincible! CHINA IS UNDER ATTACK!
Link Posted: 11/21/2008 9:58:19 AM EDT
Originally Posted By cyclone:
So when do we shut their computers down?





I was curious about that too. We're the ones writing these programs, right? What kind of cyber attacks are we doing?



-K
Link Posted: 11/21/2008 10:01:00 AM EDT
Originally Posted By TheCynic:
Originally Posted By coltaceguy:
I think these little motherfuckers want a war, might have to go blackhat over the weekend to deal with these little pricks

Stick a honeypot out on an isolated network and watch them hump the thing for a while. Should be good for some laughs.


Already been done, actually have had a honeynet in place for about 2 years. The attacks just keep getting more intense though. I'm gonna teach some of those little motherfuckers a lesson this weekend

Link Posted: 11/21/2008 10:05:15 AM EDT
Originally Posted By TheCynic:
Originally Posted By coltaceguy:
I think these little motherfuckers want a war, might have to go blackhat over the weekend to deal with these little pricks

Stick a honeypot out on an isolated network and watch them hump the thing for a while. Should be good for some laughs.


like a monkey fucking a football!
Link Posted: 11/21/2008 10:13:30 AM EDT
Originally Posted By XD2311:
Originally Posted By El-cid:
Pentagon Hit by Unprecedented Cyber Attack

As a result of the cyber attack, the Defense Department has banned the use of external hardware devices throughout a vast network of military computers.

http://www.foxnews.com/politics/2008/11/20/pentagon-cyber-siege-unprecedented-attack/


So this explains the 13 emails from NMCI saying that I can't use a thumb drive anymore...



Under Worm Assault, Military Bans Disks, USB Drives
By Noah Shachtman, November 19, 2008 | 6:12:30 PM | Categories: Info War

The Defense Department's geeks are spooked by a rapidly spreading worm crawling across their networks. So they've suspended the use of so-called thumb drives, CDs, flash media cards, and all other removable data storage devices from their nets, to try to keep the worm from multiplying any further.

The ban comes from the commander of U.S. Strategic Command, according to an internal Army e-mail. It applies to both the secret SIPR and unclassified NIPR nets. The suspension, which includes everything from external hard drives to "floppy disks," is supposed to take effect "immediately." Similar notices went out to the other military services.

In some organizations, the ban would be only a minor inconvenience. But the military relies heavily on such drives to store information. Bandwidth is often scarce out in the field. Networks are often considered unreliable. Takeaway storage is used constantly as a substitute.

The problem, according to a second Army e-mail, was prompted by a "virus called Agent.btz." That's a variation of the "SillyFDC" worm, which spreads by copying itself to thumb drives and the like. When that drive or disk is plugged into a second computer, the worm replicates itself again — this time on the PC. "From there, it automatically downloads code from another location. And that code could be pretty much anything," says Ryan Olson, director of rapid response for the iDefense computer security firm. SillyFDC has been around, in various forms, since July 2005. Worms that use a similar method of infection go back even further — to the early '90s. "But at that time they relied on infecting floppy disks rather than USB drives," Olson adds.

Servicemembers are supposed to "cease usage of all USB storage media until the USB devices are properly scanned and determined to be free of malware," one e-mail notes. Eventually, some government-approved drives will be allowed back under certain "mission-critical," but unclassified, circumstances. "Personally owned or non-authorized devices" are "prohibited" from here on out.

To make sure troops and military civilians are observing the suspension, government security teams "will be conducting daily scans and running custom scripts on NIPRNET and SIPRNET to ensure the commercial malware has not been introduced," an e-mail says. "Any discovery of malware will result in the opening of a security incident report and will be referred to the appropriate security officer for action."

"The USB ban should be effective in stopping the worm," Olson says. Asked if such a wide-spread measure was a bit of over-kill, Olson responded, "I don't know."

"I know this [is an] inconvenience," e-mails one Michigan Army National Guardsman. "This has been briefed to the CoS [Chief of Staff] of the ARMY. This is not just a problem for Michigan, and is effecting operations around the world. This is a very serious threat and should be treated as such. Please understand that this is a form of attack, and we need to have patience in dealing with this issue."

http://blog.wired.com/defense/2008/11/army-bans-usb-d.html


Link Posted: 11/21/2008 10:15:31 AM EDT
Originally Posted By XD2311:
Originally Posted By El-cid:
Pentagon Hit by Unprecedented Cyber Attack

As a result of the cyber attack, the Defense Department has banned the use of external hardware devices throughout a vast network of military computers.

http://www.foxnews.com/politics/2008/11/20/pentagon-cyber-siege-unprecedented-attack/


So this explains the 13 emails from NMCI saying that I can't use a thumb drive anymore...



Ding Ding Ding, we have a winner.

Link Posted: 11/21/2008 10:20:04 AM EDT
Originally Posted By JIMBEAM:
Originally Posted By XD2311:
Originally Posted By El-cid:
Pentagon Hit by Unprecedented Cyber Attack

As a result of the cyber attack, the Defense Department has banned the use of external hardware devices throughout a vast network of military computers.

http://www.foxnews.com/politics/2008/11/20/pentagon-cyber-siege-unprecedented-attack/


So this explains the 13 emails from NMCI saying that I can't use a thumb drive anymore...



Ding Ding Ding, we have a winner.



I couldn't print my da31 because they wouldn't let me use my thumb drive on OPS laptop. damn those chinamen.

Link Posted: 11/21/2008 10:26:17 AM EDT
According to the NSA, this has been going on for years. China, Euros, Russians, Domestic hackers all trying to get into any network they can.
Link Posted: 11/21/2008 10:26:22 AM EDT
[Last Edit: 11/21/2008 10:28:55 AM EDT by cbrooks]
I wonder if there are any "digital mercenaries" on our side?

I bet the Chi-Comms know
Link Posted: 11/21/2008 10:33:18 AM EDT
Originally Posted By PBIR:
Originally Posted By behindenemylines:
Originally Posted By sherrick13:
Originally Posted By Yingster:
Where do you work?



YINGster wants to know where you work?


OPSEC!!!! Don't give it to him.










They are on to us agent Ying!


Quick, burn your code books and your rice paddies! Leave nothing useful behind!


I am German damnit!!!

Yingst is the Americanized form of German Jüngst, a distinguishing name for the youngest son of a family, from the superlative form of Middle High German junc ‘young’

I used to work with a girl that would call me Alex Chinese. It drove me nuts but she was hot so it was ok.
Link Posted: 11/21/2008 10:33:32 AM EDT
We haven't been able to bring in external devices, unless you practically have
a Letter Of Authorization from God Himself, in forever.

Old news here.....
Link Posted: 11/21/2008 10:41:12 AM EDT
Here's the deal..

All that money that .gov took from us and gave to them to refund them for the bad paper they bought (you did not really think that all went into our "economy" did you?)

Well it was not enough.. they ARE pissed. They figure with the fuckin they got on bad paper, the condition we are in with our new "present-dent" and the markets being fucked... they may be able to hasten our demise by attacking our network infrastructure.

Do your thing, tunnel, proxy, spoof away... just make sure you hit their BIG IMPORTANT machines with the worms and trojans.

Fuck those pricks.
Link Posted: 11/21/2008 10:48:31 AM EDT
My wireless network crashed hard yesterday. Took all day to get the fucker back up!
Link Posted: 11/21/2008 10:59:05 AM EDT
[Last Edit: 11/21/2008 10:59:28 AM EDT by KN]
For the last few weeks I have been blocking about 500 viruses per 10000 emails coming to our company. That's up from the average 10-20. They are pakes.alx sheur2, cryptor variants mostly.
Link Posted: 11/21/2008 1:24:28 PM EDT
Originally Posted By Yingster:
Originally Posted By PBIR:
Originally Posted By behindenemylines:
Originally Posted By sherrick13:
Originally Posted By Yingster:
Where do you work?



YINGster wants to know where you work?


OPSEC!!!! Don't give it to him.










They are on to us agent Ying!


Quick, burn your code books and your rice paddies! Leave nothing useful behind!


I am German damnit!!!

Yingst is the Chinese- Americanized form of German Jüngst, a distinguishing name for the youngest son of a family, from the superlative form of Middle High German junc ‘young’

I used to work with a girl that would call me Alex Chinese. It drove me nuts but she was hot so it was ok.


Fixed it for you.
Link Posted: 11/21/2008 1:49:50 PM EDT
Originally Posted By sherrick13:
Originally Posted By Yingster:
Originally Posted By PBIR:
Originally Posted By behindenemylines:
Originally Posted By sherrick13:
Originally Posted By Yingster:
Where do you work?




YINGster wants to know where you work?


OPSEC!!!! Don't give it to him.










They are on to us agent Ying!


Quick, burn your code books and your rice paddies! Leave nothing useful behind!


I am German damnit!!!

Yingst is the Chinese- Americanized form of German Jüngst, a distinguishing name for the youngest son of a family, from the superlative form of Middle High German junc ‘young’

I used to work with a girl that would call me Alex Chinese. It drove me nuts but she was hot so it was ok.


Fixed it for you.


Dang, they didn't take the cover up!

Quick agent behindenemylines throw a lead painted toy at them while I keep hacking their data base!

We must get that how to drive for dummies book!

Only then will we know how to use the secret turn signal!
Link Posted: 11/21/2008 1:52:04 PM EDT
I've been watching an ongoing attempt to login as root via sshd on my webserver. Going on three days now. Normally I attribute this crap to worms floating around, but this time I've literally been hit by some 800+ different zombie hosts.

Maybe eventually they'll figure out there's no root login here.
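
Added example, not part of the thread or any poster's code: the post above describes root login attempts against sshd from 800+ different hosts, a pattern that per-address lockout rules undercount. This sketch aggregates OpenSSH "Failed password" lines by target account; the log lines, addresses (RFC 5737 documentation ranges), thresholds and function names are constructed for illustration.

```python
import re
from collections import Counter

# OpenSSH logs "Failed password for [invalid user ]NAME from ADDR port N ssh2".
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port \d+"
)


def failures_by_source(lines, user="root"):
    """Return Counter {source address: failed attempts against `user`}."""
    per_ip = Counter()
    for line in lines:
        m = FAILED.search(line)
        if m and m.group("user") == user:
            per_ip[m.group("ip")] += 1
    return per_ip


def assess(per_ip, per_ip_limit=5, min_sources=10):
    """Compare a per-address lockout rule with a per-account view.

    per_ip_limit and min_sources are assumed thresholds, not recommendations.
    """
    total = sum(per_ip.values())
    locked_out = sorted(ip for ip, n in per_ip.items() if n >= per_ip_limit)
    # Attempts from hosts that never reach the per-address limit.
    under_limit = sum(n for n in per_ip.values() if n < per_ip_limit)
    return {
        "total_attempts": total,
        "sources": len(per_ip),
        "locked_out": locked_out,
        "attempts_under_limit": under_limit,
        # Many sources, most of the volume below the per-address limit.
        "distributed": len(per_ip) >= min_sources and under_limit * 2 > total,
    }


def build_sample():
    """Constructed auth.log lines: one noisy host plus twelve quiet ones."""
    lines = []
    for n in range(6):
        lines.append(
            f"Nov 21 13:00:{n:02d} web sshd[{2000 + n}]: Failed password "
            f"for root from 203.0.113.9 port {40000 + n} ssh2"
        )
    for host in range(1, 13):
        for n in range(2):
            lines.append(
                f"Nov 21 13:{host:02d}:{n:02d} web sshd[{3000 + host * 2 + n}]: "
                f"Failed password for root from 198.51.100.{host} "
                f"port {50000 + host} ssh2"
            )
    lines.append(
        "Nov 21 13:30:00 web sshd[4000]: Failed password for invalid user "
        "admin from 198.51.100.1 port 51000 ssh2"
    )
    lines.append(
        "Nov 21 13:31:00 web sshd[4001]: Accepted publickey for deploy "
        "from 192.0.2.10 port 52000 ssh2"
    )
    return lines


if __name__ == "__main__":
    report = assess(failures_by_source(build_sample()))
    for key, value in report.items():
        print(f"{key}: {value}")
```

In the sample, the per-address rule locks out only the one noisy host, while the per-account count shows that most of the failed root logins came from hosts that stayed under the limit.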
Link Posted: 11/21/2008 2:49:16 PM EDT
Trojans... and we buy their electronics stuff.
Link Posted: 11/21/2008 2:53:15 PM EDT
What is the "black hat" you speak of?
Link Posted: 11/21/2008 3:07:16 PM EDT
Our systems are two separate animals where I work. One has absolutely no internet connection and one is open. We stop doing any data transfer to the secure servers when we hit a certain suspicious threshold of attempts on our open system. I work in ID theft resolution.
Link Posted: 11/21/2008 3:08:49 PM EDT
What Rock have you been hiding under? Our networks have been under attack for years...by the Chicoms.


Link Posted: 11/21/2008 3:13:57 PM EDT


How much of this is state sponsored hacking vs. a few brilliant little chinamen just having fun with us?

Fukkin plicks.
Link Posted: 11/21/2008 3:22:02 PM EDT
Originally Posted By M4-AK:
Trojans... and we buy their electronics stuff.



And some of those like to phone home on their own also...
Link Posted: 11/21/2008 3:30:47 PM EDT
[Last Edit: 11/21/2008 3:36:30 PM EDT by Sub-MOA]
*cough*
Link Posted: 11/21/2008 3:38:48 PM EDT
It's going on nationwide...they are just pinging the hell out of everything...
Link Posted: 11/21/2008 3:40:07 PM EDT
Originally Posted By PoopyPants603:
What is the "black hat" you speak of?


Black Hat = Hacker with Bad Intent
White Hat = Hacker with Good Intent.
Link Posted: 11/21/2008 3:42:04 PM EDT
Originally Posted By ARinKCMO:
Originally Posted By PoopyPants603:
What is the "black hat" you speak of?


Black Hat = Hacker with Bad Intent
White Hat = Hacker with Good Intent.


I see, said the blind man.
Link Posted: 11/21/2008 3:51:08 PM EDT
Originally Posted By Alacran:
Originally Posted By XD2311:
Originally Posted By El-cid:
Pentagon Hit by Unprecedented Cyber Attack

As a result of the cyber attack, the Defense Department has banned the use of external hardware devices throughout a vast network of military computers.

http://www.foxnews.com/politics/2008/11/20/pentagon-cyber-siege-unprecedented-attack/


So this explains the 13 emails from NMCI saying that I can't use a thumb drive anymore...



Under Worm Assault, Military Bans Disks, USB Drives
By Noah Shachtman, November 19, 2008 | 6:12:30 PM | Categories: Info War

The Defense Department's geeks are spooked by a rapidly spreading worm crawling across their networks. So they've suspended the use of so-called thumb drives, CDs, flash media cards, and all other removable data storage devices from their nets, to try to keep the worm from multiplying any further.

The ban comes from the commander of U.S. Strategic Command, according to an internal Army e-mail. It applies to both the secret SIPR and unclassified NIPR nets. The suspension, which includes everything from external hard drives to "floppy disks," is supposed to take effect "immediately." Similar notices went out to the other military services.

In some organizations, the ban would be only a minor inconvenience. But the military relies heavily on such drives to store information. Bandwidth is often scarce out in the field. Networks are often considered unreliable. Takeaway storage is used constantly as a substitute.

The problem, according to a second Army e-mail, was prompted by a "virus called Agent.btz." That's a variation of the "SillyFDC" worm, which spreads by copying itself to thumb drives and the like. When that drive or disk is plugged into a second computer, the worm replicates itself again — this time on the PC. "From there, it automatically downloads code from another location. And that code could be pretty much anything," says Ryan Olson, director of rapid response for the iDefense computer security firm. SillyFDC has been around, in various forms, since July 2005. Worms that use a similar method of infection go back even further — to the early '90s. "But at that time they relied on infecting floppy disks rather than USB drives," Olson adds.

Servicemembers are supposed to "cease usage of all USB storage media until the USB devices are properly scanned and determined to be free of malware," one e-mail notes. Eventually, some government-approved drives will be allowed back under certain "mission-critical," but unclassified, circumstances. "Personally owned or non-authorized devices" are "prohibited" from here on out.

To make sure troops and military civilians are observing the suspension, government security teams "will be conducting daily scans and running custom scripts on NIPRNET and SIPRNET to ensure the commercial malware has not been introduced," an e-mail says. "Any discovery of malware will result in the opening of a security incident report and will be referred to the appropriate security officer for action."

"The USB ban should be effective in stopping the worm," Olson says. Asked if such a wide-spread measure was a bit of over-kill, Olson responded, "I don't know."

"I know this [is an] inconvenience," e-mails one Michigan Army National Guardsman. "This has been briefed to the CoS [Chief of Staff] of the ARMY. This is not just a problem for Michigan, and is effecting operations around the world. This is a very serious threat and should be treated as such. Please understand that this is a form of attack, and we need to have patience in dealing with this issue."

http://blog.wired.com/defense/2008/11/army-bans-usb-d.html




Holy crap, is the military that stupid? Stop using Windows and you'll stop getting your defense networks wormed. This is like Security 101 from 1995.
Link Posted: 11/21/2008 4:01:01 PM EDT
Originally Posted By ph713:
Originally Posted By Alacran:
Originally Posted By XD2311:
Originally Posted By El-cid:
Pentagon Hit by Unprecedented Cyber Attack

As a result of the cyber attack, the Defense Department has banned the use of external hardware devices throughout a vast network of military computers.

http://www.foxnews.com/politics/2008/11/20/pentagon-cyber-siege-unprecedented-attack/


So this explains the 13 emails from NMCI saying that I can't use a thumb drive anymore...



Under Worm Assault, Military Bans Disks, USB Drives
By Noah Shachtman, November 19, 2008 | 6:12:30 PM | Categories: Info War

The Defense Department's geeks are spooked by a rapidly spreading worm crawling across their networks. So they've suspended the use of so-called thumb drives, CDs, flash media cards, and all other removable data storage devices from their nets, to try to keep the worm from multiplying any further.

The ban comes from the commander of U.S. Strategic Command, according to an internal Army e-mail. It applies to both the secret SIPR and unclassified NIPR nets. The suspension, which includes everything from external hard drives to "floppy disks," is supposed to take effect "immediately." Similar notices went out to the other military services.

In some organizations, the ban would be only a minor inconvenience. But the military relies heavily on such drives to store information. Bandwidth is often scarce out in the field. Networks are often considered unreliable. Takeaway storage is used constantly as a substitute.

The problem, according to a second Army e-mail, was prompted by a "virus called Agent.btz." That's a variation of the "SillyFDC" worm, which spreads by copying itself to thumb drives and the like. When that drive or disk is plugged into a second computer, the worm replicates itself again — this time on the PC. "From there, it automatically downloads code from another location. And that code could be pretty much anything," says Ryan Olson, director of rapid response for the iDefense computer security firm. SillyFDC has been around, in various forms, since July 2005. Worms that use a similar method of infection go back even further — to the early '90s. "But at that time they relied on infecting floppy disks rather than USB drives," Olson adds.

Servicemembers are supposed to "cease usage of all USB storage media until the USB devices are properly scanned and determined to be free of malware," one e-mail notes. Eventually, some government-approved drives will be allowed back under certain "mission-critical," but unclassified, circumstances. "Personally owned or non-authorized devices" are "prohibited" from here on out.

To make sure troops and military civilians are observing the suspension, government security teams "will be conducting daily scans and running custom scripts on NIPRNET and SIPRNET to ensure the commercial malware has not been introduced," an e-mail says. "Any discovery of malware will result in the opening of a security incident report and will be referred to the appropriate security officer for action."

"The USB ban should be effective in stopping the worm," Olson says. Asked if such a wide-spread measure was a bit of over-kill, Olson responded, "I don't know."

"I know this [is an] inconvenience," e-mails one Michigan Army National Guardsman. "This has been briefed to the CoS [Chief of Staff] of the ARMY. This is not just a problem for Michigan, and is effecting operations around the world. This is a very serious threat and should be treated as such. Please understand that this is a form of attack, and we need to have patience in dealing with this issue."

http://blog.wired.com/defense/2008/11/army-bans-usb-d.html




Holy crap, is the military that stupid? Stop using Windows and you'll stop getting your defense networks wormed. This is like Security 101 from 1995.


This is not true. Linux/Unix/BSD desktops are not commonly hacked because they are not typically high-value targets. As a whole, *nix users are smart people, and know when their machine is compromised, and take action. There are millions of Windows machines out there run by utter and complete newbies to computers, waiting to be turned to zombies.

If the DoD switched to a Unix derivative, I guarantee you there would be an increase in the number of Unix-like machines compromised. Installing Ubuntu is not a cure-all for security concerns - rather, it takes you out of the big pool of "easy" targets, and into a smaller pool of more difficult targets that are generally not worth the effort.

FYI, if you rooted my Unix laptop, you'd see a ~/ folder with a few config files, and nothing else. My other stuff auto-unmounts after 10 minutes of disuse, and I don't mount it unless I'm using it. Good luck breaking my Twofish-encrypted hidden volume jackass :)

(And yes, even my porn is encrypted.)