New NAS and FTP being hacked again :)

MissilemanMissileman Orlando, Florida Icrontian
edited April 2007 in Science & Tech
Many months ago I had a Linksys tiny NSLU and a bunch of hard drives setting around. I decided to hook a couple of them up and make a home ftp server so I could access all my driver/update files from remote job sites. It worked fairly well, but the box was very slow to load even wired (3 mb/s or so) and you couldn't remotely upload to it. Well I used loaded some of the aftermarket FW to it and played with the FTP on it (it runs Linux like most of these units do). Had it working quite good. I could read/write remotely and get most of my needed files and info. Well I noticed one day I was sitting here and it's access LED was going crazy. I checked it and it was being loaded by some Chinese site with porn. I killed their connection and closed the access ports completely in the firewall. Waited a few weeks and tried again. Was up for 2 days before another Chinese IP was trying to hack in. This time I killed it completely since it was so terribly slow anyway.

All that to tell you this :) I just bought a new Buffalo LinkStation Pro 320. It is very fast for an NAS (30 mb/s). Even transferring huge files (60 GB) it averaged 15.5 mb/s. It also does FTP only this time it works both ways out of the box. Anyway I set it up and put it on line last night about 2AM. I get up 6:30 this morning and it's access light is going wild. I go look at the firewall and this Chinese IP block has over 100 connections trying to brute force login to it. Took em less than 4 hours to find an FTP server. Well I killed the connections and setup an inbound filter rule in the firewall killing that IP block. 2 hours later I'm getting hammered again from a different Chinese IP block. This time I edited the filter rule and blocked all of the IPs from China and Korea. Been up 6 hours now and all is quiet. Seems like a personal best type of record.

Any of you guys see this kinda stuff? I used to see it back several years when I worked in a datacenter, but it was really only once or twice a year. Has the internet really gotten so bad recently? Or do they just like my sweet and kind disposition? :tongue:

BTW I have that LS Pro rigged with it's internal SATA II 320GB, an external USB2HS 160GB, and a USB2HS 200GB. Should let me store stuff for a while before it fills up :)

Comments

  • ShortyShorty Manchester, UK Icrontian
    edited April 2007
    Sadly so. If it's a listening common protocol, someone will find it and attack it! :(

    I have a Pix firewall here and the logs are full of junk attacks from foreign ISPs. *Sigh* .. internet.
Sign In or Register to comment.