How come these hackers are so crazy???

Hi fellow webmaster,

For a quite time I've hesitated to post this---I'm not willing to see folks complaining some country easily---OK, finally let's just blame some very naughty, really vicious hackers!

For a long time, my dedicated servers have been hit by repeated hackihng efforts almost every day, and the following is one that was seen earlier today:

Nov 7 (hostname) sshd[60738]: Failed password for root from 211.57.5.125 port 2195 ssh2
Nov 7 (hostname) sshd[60737]: Failed password for root from 211.57.5.125 port 2194 ssh2
Nov 7 (hostname) sshd[60741]: Failed password for root from 211.57.5.125 port 2206 ssh2
Nov 7 (hostname) sshd[60743]: Failed password for root from 211.57.5.125 port 2224 ssh2
Nov 7 (hostname) sshd[60747]: Failed password for root from 211.57.5.125 port 2253 ssh2
Nov 7 (hostname) sshd[60748]: Failed password for root from 211.57.5.125 port 2252 ssh2
Nov 7 (hostname) sshd[60751]: Failed password for root from 211.57.5.125 port 2258 ssh2
Nov 7 (hostname) sshd[60754]: Failed password for root from 211.57.5.125 port 2296 ssh2
Nov 7 (hostname) sshd[60757]: Failed password for root from 211.57.5.125 port 2315 ssh2
Nov 7 (hostname) sshd[60758]: Failed password for root from 211.57.5.125 port 2314 ssh2
Nov 7 (hostname) sshd[60761]: Failed password for root from 211.57.5.125 port 2326 ssh2
Nov 7 (hostname) sshd[60763]: Failed password for root from 211.57.5.125 port 2340 ssh2
Nov 7 (hostname) sshd[60765]: Failed password for root from 211.57.5.125 port 2347 ssh2
Nov 7 (hostname) sshd[60773]: Failed password for root from 211.57.5.125 port 2402 ssh2
Nov 7 (hostname) sshd[60777]: Failed password for root from 211.57.5.125 port 2472 ssh2
Nov 7 (hostname) sshd[64802]: Failed password for root from 218.237.4.57 port 40290 ssh2
Nov 7 (hostname) sshd[64803]: Failed password for root from 218.237.4.57 port 40292 ssh2
Nov 7 (hostname) sshd[64804]: Failed password for root from 218.237.4.57 port 40294 ssh2
Nov 7 (hostname) sshd[64808]: Failed password for root from 218.237.4.57 port 40305 ssh2
Nov 7 (hostname) sshd[64810]: Failed password for root from 218.237.4.57 port 40332 ssh2
Nov 7 (hostname) sshd[64812]: Failed password for root from 218.237.4.57 port 40350 ssh2
Nov 7 (hostname) sshd[64813]: Failed password for root from 218.237.4.57 port 40355 ssh2
Nov 7 (hostname) sshd[64814]: Failed password for root from 218.237.4.57 port 40356 ssh2
Nov 7 (hostname) sshd[64818]: Failed password for root from 218.237.4.57 port 40366 ssh2
Nov 7 (hostname) sshd[64820]: Failed password for root from 218.237.4.57 port 40386 ssh2
Nov 7 (hostname) sshd[64822]: Failed password for root from 218.237.4.57 port 40393 ssh2
Nov 7 (hostname) sshd[64823]: Failed password for root from 218.237.4.57 port 40399 ssh2
Nov 7 (hostname) sshd[64825]: Failed password for root from 218.237.4.57 port 40400 ssh2
Nov 7 (hostname) sshd[64828]: Failed password for root from 218.237.4.57 port 40408 ssh2
Nov 7 (hostname) sshd[64830]: Failed password for root from 218.237.4.57 port 40441 ssh2
Nov 7 (hostname) sshd[65262]: Failed password for root from 219.252.1.125 port 58697 ssh2
Nov 7 (hostname) sshd[65264]: Failed password for root from 219.252.1.125 port 58863 ssh2
Nov 7 (hostname) sshd[65266]: Failed password for root from 219.252.1.125 port 59038 ssh2
............

Meanwhile the hackers also do these:

Host: 220.121.179.198 /\x90\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\
Http Code: 354 Date: Nov 08 03:12:48 Http Version: 414 Size in Bytes: "-"
Referer: -
Agent

............

The naughty hackers are from South Korea. South Korean hackers are of the most aggressive type. For years, my servers have got hacking from some countries, but what the heck the South Korean hackers are the most frequent ones, hacking my servers almost every day!

The real problems are that some Internet authorities in South Korea did not care my reports of the hacking abuses from persons in their country; after I blocked the found hackers' IPs, those hackers changed with new IPs to continue hacking---these are more and more daily offenses to me, distracting and frustrating me much. Much time was spent meaninglessly. I'm now scaring for my servers.

I'm bewildered and want to know:How come these hackers are so crazy??? How come these hackers are so crazy???

How come South Korean hackers are so crazy?

What is the effective way to stop these bad hackers?

Any advice/help is highly appreciated!

Orc.

 

 

 

 

Top