Menu
What's new
By:
Filters Better Search

Hackers from US university just tried to get in

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

A

AdvHomeServer

Senior Member
I just had a little fun. We'll see what happens next, if anything.

DD-WRT OpenVPN server provides a verbose log. Included are details of who has tried to hack my router. This list is always busy whenever I look at it. Today some hackers with addresses that tracked back to a US university, UM-Ann Arbor, were noted. Just for grins I emailed the security department of the university with prints of what I found out on the trace. I included a couple of additional addresses from attempts a few minutes earlier.

Edit a few hours later: I received an email reply from another party at UM. This person stated I was a part of a research project by "computer scientists" and included verbiage that I interpreted as lacking precision, to put it delicately. I hope to get additional replies. This will probably make a great article for my web site later when the whole story is available to me. UM is now aware of my web site and my interest in writing about this.

Router logs are interesting things.

Edit next day: this is what they do ... scan and see what they find. Follow ups and inquiries elsewhere told me that this is a big yawn. Scans happen. live with it.
 
Last edited:
AdvHomeServer said:
I just had a little fun. We'll see what happens next, if anything.

DD-WRT OpenVPN server provides a verbose log. Included are details of who has tried to hack my router. This list is always busy whenever I look at it. Today some hackers with addresses that tracked back to a US university, UM-Ann Arbor, were noted. Just for grins I emailed the security department of the university with prints of what I found out on the trace. I included a couple of additional addresses from attempts a few minutes earlier.

Edit a few hours later: I received an email reply from another party at UM. This person stated I was a part of a research project by "computer scientists" and included verbiage that I interpreted as lacking precision, to put it delicately. I hope to get additional replies. This will probably make a great article for my web site later when the whole story is available to me. UM is now aware of my web site and my interest in writing about this.

Router logs are interesting things.

Edit next day: this is what they do ... scan and see what they find. Follow ups and inquiries elsewhere told me that this is a big yawn. Scans happen. live with it.
Click to expand...

they are legit. something to do with monitoring internet-wide TLS/SSL certificate usage and such. hey michiganders!
 
You are lucky they even responded to you. When I used to do both small PBX's and wireless routers the attacks on the PBX's were terrible. And most seem to come from China and Russia. If you ever tried to reply to the owners of the IP ranges with information it was just a signal to attack you more.
 
AdvHomeServer said:
I just had a little fun. We'll see what happens next, if anything.

DD-WRT OpenVPN server provides a verbose log. Included are details of who has tried to hack my router. This list is always busy whenever I look at it. Today some hackers with addresses that tracked back to a US university, UM-Ann Arbor, were noted. Just for grins I emailed the security department of the university with prints of what I found out on the trace. I included a couple of additional addresses from attempts a few minutes earlier.

Edit a few hours later: I received an email reply from another party at UM. This person stated I was a part of a research project by "computer scientists" and included verbiage that I interpreted as lacking precision, to put it delicately. I hope to get additional replies. This will probably make a great article for my web site later when the whole story is available to me. UM is now aware of my web site and my interest in writing about this.

Router logs are interesting things.

Edit next day: this is what they do ... scan and see what they find. Follow ups and inquiries elsewhere told me that this is a big yawn. Scans happen. live with it.
Click to expand...
When I used to do both small PBX's and wireless routers the attacks on the PBX's were terrible
o.png
 
I get plenty of legitimate scans from colleges. Well... I assume they are by the hostnames and occasional HTTP server hosted by the scanner's IP explaining their project.


If you want a story, setup a honeypot/honeynet, track down those who infect your machine, document everything, then present your findings. You might even discover an unknown exploit or a new virus propogation technique.

lol, I have even ran into other researchers when doing this.

One of my favorite related Google Tech Talks is this www.youtube.com/watch?v=2GdqoQJa6r4

I forget the exact quote, but in that video, the security team estimated that during the week that they controlled the botnet, over $7million worth of financial data alone was logged. I think that was the conservative estimate too.
That was 2009. Imagine how much more powerful botnets are nowadays...
 
You must log in or register to reply here.

Similar threads

Viktor Jaep
VPNMON [RELEASE] VPNON v1.2 - Script discontinued - please use VPNMON-R2 from here forward...
Replies
10
Views
5K
Viktor Jaep
Viktor Jaep
Maverick009
Switch back to Pfsense from Opnsense and why.
2
Replies
21
Views
61K
Maverick009
Maverick009
Ed B.
  • Sticky
Tutorial Ultimate Guide to setting up Bi-Directional VPN using two Asus Routers via OpenVPN in TUN mode
2
Replies
39
Views
41K
starion
S
Santiago C
How to get DDNS for secondary WAN
Replies
0
Views
2K
Santiago C
Santiago C
H
PPTP Static Route not applying in LAN to LAN VPN setup
Replies
0
Views
4K
hulubei
H

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 485 (members: 25, guests: 460)
Top