Internet Storm Center Tracks Hack Attacks

← Back to Stories (view on slashdot.org)

Internet Storm Center Tracks Hack Attacks

Posted by ryuzaki0 on Thursday May 9, 2002 @01:00PM from the graphic-violence dept.

An Anonymous Coward writes: "It looks like Incidents.org has a new offspring, the Internet Storm Center. The internet storm center uses data from DShield.org to track hack attacks all over the world. Some of the interesting trivia: While usually, China has a bad reputation for the volume of attack coming from it, the US outpaces China by a lot. Actually, China only comes in at #6. So much for the great security boost the US gets from using genuine Microsoft software."

4 of 55 comments (clear)

Min score:

Reason:

Sort:

incorrect by i+like+your+eyes · 2002-05-09 15:44 · Score: 2, Informative

Actually, China only comes in at #6.
US 222907
DE 68478
TH 65644
EU 65612
GB 53130
KR 42523
CN 42291

As far as I can tell, it's coming it at number 7.

--

There's no emoticon for what I'm feeling!
1. Re:incorrect by Anonymous Coward · 2002-05-09 16:41 · Score: 1, Informative
  
  KR 42523
  CN 42291
  Seeing as how the difference between Korea's and China's listings in your citation is less than 300 incidents, I'd wager that when the story was submitted, China was at #6.
  
  The only thing that surprises me is that Romania isn't in the top 5. I'm sitting on a cable modem and I've been running Snort for the hell of it for about 6 months. I get more hack/crack/exploit attempts from Romanian hosts (.ro) than from any other TLD, including all the probes from .com, .net, and .org combined. Romania appears to be a hotbed of crackers, and in some cases I've traced intrusion attempts directly to Romanian ISPs. Not their customers, but the ISPs themselves, e.g. the www host for certain .ro providers.
  
  Germany's placement doesn't surprise me at all, though. If I had a dollar for every t-online.de user who tried to crack my FTP, I'd be richer than Bill Gates. I'm not sure what it is about Germans and FTP probes, but that's all they try to access on my box, and they try it more than anyone else. If I could host beer.ftp.my.in-addr.arpa I surely would, but I can't. Sorry, Germany!
Survey: We Only See the Tip of the Iceberg by ltsmash · 2002-05-09 16:09 · Score: 3, Informative

The Computer Security Institute announced in its Computer Crime and Security Survey that 90% of respondents had security breaches in the last year. ONLY 34% reported ANY of the breaches to law enforcement for fear of bad publicity.
Bottom line: We barely see the tip of the iceberg when it comes to computer security breaches.
Re:There is no surprise by anonymous+cupboard · 2002-05-09 23:25 · Score: 2, Informative

I know some Russian sysadmins, they swear by airgaps. The only route between the internal and external networks was a V.24 line with a custom protocol and dedicated apps (i.e., no general networking layer). Some are considering carefully about DMZ's and firewalls, but they will not rely on commercial stuff because they don't trust it. That is, they will use a mixture of OpenBSD and other operating systems (i.e, no single point of compromise) to provide the protection.