Hey /g/. My Linux showed that my machine has established an SSH

Thread replies: 20
Thread images: 1

Anonymous
2017-07-29 06:46:18 Post No. 61619069
[Report] Image search: [Google]

File: 1500313770316.gif (1MB, 407x262px) Image search: [Google]

Anonymous 2017-07-29 06:46:18 Post No. 61619069 [Report]

Hey /g/.
My Linux showed that my machine has established an SSH connection with an Chinese address. What the fuck?
Is my machine hacked?
How to I stop that?

Anonymous 2017-07-29 06:49:16 Post No.61619087
[Report]

Anonymous 2017-07-29 06:49:16 Post No.61619087 [Report]

congratulations on installing Brave, enjoy

Anonymous 2017-07-29 06:51:21 Post No.61619102
[Report]

Anonymous 2017-07-29 06:51:21 Post No.61619102 [Report]

>>61619069
Bitcoin mining zombie.

Anonymous 2017-07-29 06:51:59 Post No.61619105
[Report]

Anonymous 2017-07-29 06:51:59 Post No.61619105 [Report]

Re-image
fail2ban
sshkeys

/thread

Anonymous 2017-07-29 06:54:43 Post No.61619131
[Report]

Anonymous 2017-07-29 06:54:43 Post No.61619131 [Report]

>>61619069
>How to I stop that?
1. install fail2ban
2. set ssh port to something nonstandard (and remember it)

Anonymous 2017-07-29 06:56:17 Post No.61619139
[Report]

Anonymous 2017-07-29 06:56:17 Post No.61619139 [Report]

irt:            IRT-CU-CN
address:        No.21,Jin-Rong Street
address:        Beijing,100140
address:        P.R.China
e-mail:         [email protected]
abuse-mailbox:  [email protected]
admin-c:        CH1302-AP
tech-c:         CH1302-AP
auth:           # Filtered
mnt-by:         MAINT-CNCGROUP
changed:        [email protected] 20101110
changed:        [email protected] 20101116
source:         APNIC

person:         ChinaUnicom Hostmaster
nic-hdl:        CH1302-AP
e-mail:         [email protected]
address:        No.21,Jin-Rong Street
address:        Beijing,100033
address:        P.R.China
phone:          +86-10-66259764
fax-no:         +86-10-66259764
country:        CN
changed:        [email protected] 20090408
mnt-by:         MAINT-CNCGROUP
source:         APNIC

person:         Kong Lingfei
nic-hdl:        KL984-AP
e-mail:         [email protected]
address:        45, Guang An Street, Shi Jiazhuang City, HeBei Province,050011,CN
phone:          +86-311-86681601
fax-no:         +86-311-86689210
country:        cn
changed:        [email protected] 20090206
mnt-by:         MAINT-CNCGROUP-HE
source:         APNIC

% Information related to '221.192.0.0/14AS4837'

route:          221.192.0.0/14
descr:          CNC Group CHINA169 Hebei Province Network
country:        CN
origin:         AS4837
mnt-by:         MAINT-CNCGROUP-RR
changed:        [email protected] 20060118
source:         APNIC

Anonymous 2017-07-29 07:14:20 Post No.61619248
[Report]

Anonymous 2017-07-29 07:14:20 Post No.61619248 [Report]

for fucks sake.After I installed fail2ban and changed the password more Chinese IPs started popping up. Am I fucked?

Anonymous 2017-07-29 07:17:35 Post No.61619267
[Report]

Anonymous 2017-07-29 07:17:35 Post No.61619267 [Report]

>>61619248
you are part of a game show, many of my friends laugh you at dinner time

Anonymous 2017-07-29 07:24:32 Post No.61619317
[Report]

Anonymous 2017-07-29 07:24:32 Post No.61619317 [Report]

>>61619248
why are you still connected to the internet?

Anonymous 2017-07-29 07:24:43 Post No.61619319
[Report]

Anonymous 2017-07-29 07:24:43 Post No.61619319 [Report]

>>61619267
I don't have a camera nor a microphone

Anonymous 2017-07-29 07:25:52 Post No.61619326
[Report]

Anonymous 2017-07-29 07:25:52 Post No.61619326 [Report]

>>61619317
I moved to my phone and changed IP to mobile.

Anonymous 2017-07-29 07:29:49 Post No.61619359
[Report]

Anonymous 2017-07-29 07:29:49 Post No.61619359 [Report]

>>61619326
congrats now they have your phone.

Anonymous 2017-07-29 07:35:07 Post No.61619403
[Report]

Anonymous 2017-07-29 07:35:07 Post No.61619403 [Report]

>>61619359
I don't have my number in this phone.
Also, I had port fotwarding on ssh opened. Silly me.

Anonymous 2017-07-29 07:39:28 Post No.61619434
[Report]

Anonymous 2017-07-29 07:39:28 Post No.61619434 [Report]

Chinese IPs and others will scan the internet for SSH. Just because they connect to the service doesn't mean they actually authenticate but if you have root login enabled they will brute force passwords

Anonymous 2017-07-29 08:14:45 Post No.61619689
[Report]

Anonymous 2017-07-29 08:14:45 Post No.61619689 [Report]

>>61619434
Motherfuckers.

Anonymous 2017-07-29 08:17:06 Post No.61619701
[Report]

Anonymous 2017-07-29 08:17:06 Post No.61619701 [Report]

>>61619069
nuke your pc
 sudo dd if=/dev/null of=/dev/sda 

Anonymous 2017-07-29 08:49:17 Post No.61619921
[Report]

Anonymous 2017-07-29 08:49:17 Post No.61619921 [Report]

Hey guys what are we talking about in this thread?

Anonymous 2017-07-29 09:14:10 Post No.61620109
[Report]

Anonymous 2017-07-29 09:14:10 Post No.61620109 [Report]

>>61619921
Chinks proving that they're the most cancerous folk.

Anonymous 2017-07-29 09:17:29 Post No.61620128
[Report]

Anonymous 2017-07-29 09:17:29 Post No.61620128 [Report]

>>61619069
chinamen are looking to sneak in your backdoor and leave you with a little somethin somethin that you will never be able to get rid of

Anonymous 2017-07-29 11:04:50 Post No.61620989
[Report]

Anonymous 2017-07-29 11:04:50 Post No.61620989 [Report]

>>61620128
Fuck them! I'm installing Tomato on my router tomorrow!

I'm aware that Imgur.com will stop allowing adult images since 15th of May. I'm taking actions to backup as much data as possible. Read more on this topic here - https://archived.moe/talk/thread/1694/

I'm aware that Imgur.com will stop allowing adult images since 15th of May. I'm taking actions to backup as much data as possible.
Read more on this topic here - https://archived.moe/talk/thread/1694/