Hacker News new | past | comments | ask | show | jobs | submit login

Anyone can think of a particular reason as to why his website is being targeted by the Chinese?



It's not targeted and has nothing to do with the box running a web server. These brute force login attempts starts only minutes after you put a new server with SSH exposed online.

Using default passwords and usernames like: admin, support, user, user2, student2, gitlab, git, postgres, cisco, root, ts3user, deploy, vagrant, jenkins, ftptest, 224, 130, dbadmin, sinusbot, mc, daniel, weblogic, guest, redmine, teamspeak, etc.

Checked a random box, lastb | wc -l shows 38k attempts since Feb 1.


Why wouldn’t it be? These scripts attack every site, all day every day. Not a minute goes by without someone (or some bot) attempting some sort of attack on my website.


I don't think my site is being "targeted" more than any other in my ip range. This is all automated stuff that gets dumped off anyway.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: