The Chinese are Attacking!

screen-shot-2016-12-11-at-11-06-55-am
Every once in a while I check the logs of the server that hosts this blog, to see if there are any shenanigans going on. And every time I check, there ARE shenanigans. The Chinese have been slowly, patiently poking at this machine for a long, long time. The attacks will not succeed; they are trying to log in as “root”, the most powerful account on any *NIX-flavored computer, but on my server root is not allowed to log in from the outside, precisely because it is so powerful.

But the attack itself is an interesting look at the world of institutionalized hacking. It is slow, and patient, only making an attempt every thirty seconds or so. Many attack-blockers use three tries in a minute to detect monkey business; this will fly under that radar. Trying fewer than 200,000 password guesses per day limits the effectiveness of a brute-force attack, but over time (and starting with the million most common passwords), many servers will be compromised.

And in the Chinese view, they have all the time in the world. Some servers will fall to their attacks, others won’t. The ones that are compromised will likely be loaded with software that will, Manchurian-Candidate style, lie dormant until the Chinese government decides to break the Internet. And although servers like mine would provide excellent leverage, located as it is in a data center with high-speed access to the backbone, the bad guys have now discovered that home invasion provides a burgeoning opportunity as well. Consider the participation of refrigerators and thermostats in the recent attack on the Internet infrastructure on the East Coast of the United States and you begin to see the possibilities opened by a constant, patient probing of everything connected to the Internet.

I’ve been boning up on how to block the attack on my server; although in its current form the attack cannot succeed, I know I’ve been warned. The catch is I have to be very careful as I configure my safeguards — some mistakes would result in ME not being able to log in. That would be inconvenient, because if I’m unable to log in I won’t be able to fix my mistake. But like the Chinese, I can take things slowly and make sure I do it right.

1

3 thoughts on “The Chinese are Attacking!

  1. Patience: when I think “Chinese” I invariably think “two thousand year civilization…” When I think “American” I invariably think “quarterly profit & loss statement…”

    The slow, soft “tap tap tap” on your server door… is it a solitary thief, or a gang of masked intruders swarming in the doorway with only the one patient attacker standing and persisting? I do wonder if the US alphabet soup brigade might swarm in that pestilent cloud?

    Philosophically, the intent? To one day snare one’s enemies by dropping the net on their heads? Nervously, I watch the 900-lb Panda in the South China Sea. Reef by reef, bucket by bucket, sand piled upon sand, a bastion of occupation and military force has shouldered Chinese territorial claims up to the shores of its hapless neighbors. The Chinese cowbird has laid its eggs; earlier, weaker hatchings will be pushed out.

    Perhaps to challenge the cowbird’s claim will be to trip the Internet trigger.

    • Taking a little trip down memory lane today, and I stopped on this episode because I remembered how much I appreciated your response. But it seems at the time I didn’t say so. Consider so said.

      • Thank you! This day & age (that phrase alone dates me) of flash content, thoughts, repartee, it seems almighty gracious to receive a thoughtful thank-you. Re-reading what I’d posted, I sometimes amaze myself. The keyboard is “ali-baba” to my old brain cells. I never know what’s gonna pop out through the fingers. Be assured that it never happens when the mouth is engaged!

        Our patient friends across the Pacific are enjoying a lengthy free pass while America focuses on shithole politics.

        The ‘tap-tap-tap’ continues. We can take faith, however, in superior American digital technology as demonstrated by the Hawaiian GUI alert system, with no immediate “Oops! Cancel that!” fallback. Advice to America: in case of an incoming missile attack warning, have your old school desk handy to duck under, the better to kiss your ass goodbye.

        The Chinese cowbird has laid its egg and flown. The South China Sea is now unquestionable, unassailable, and irrevocable Chinese territorial waters, having gone from claimed possession to established geopolitical fact in less than a decade. From time to time they’ll let American warships transit to let U.S. maintain the illusion that we have some influence… but we dare not challenge the gatekeeper.

        Turn off the TV. Listen carefully.

        Tap… tap… tap…

Leave a Reply

Your email address will not be published. Required fields are marked *