Internet Backround Noise

Do you know how noisy the internet is?
You can open TCPDUMP right now, and all sorts of actors will stream in.
Be it for legitimate research, fun, or pure malicious intent.
They are constantly trying to enumerate the services running on your machine.

Tools like MASSCAN can scan the entire Internet in under 5 minutes.

On any machine, take a look:
tcpdump 'tcp[tcpflags] == tcp-syn'

Thalidomide Vintage Ad Shirt $22.14

Black Rifle Cuck Company, Conservative Humor Shirt $21.68

Thalidomide Vintage Ad Shirt $22.14

  1. 1 month ago
    Anonymous

    Greynoise lists nearly 1 million IP addresses involved in SSH brute forcing alone.

  2. 1 month ago
    Anonymous

    23 million addresses doing god knows what
    some ok, some very malicious

    • 1 month ago
      Anonymous

      >microsoft
      >benign

  3. 1 month ago
    Anonymous

    >entire internet in under 5 minutes
    Gonna need a source on that one chief

    • 1 month ago
      Anonymous

      check out https://github.com/robertdavidgraham/masscan

      • 1 month ago
        Anonymous

        what accidents?

        • 1 month ago
          Anonymous

          Well, some addresses belong to the government, for one.
          And you will get complaint letters from crybabies for being to l33t and trying to hack the planet.

          • 1 month ago
            Anonymous

            >get complaint letters
            Like snail mail or email?

      • 1 month ago
        Anonymous

        Entire internet? Yet it won't find my ssh server.

      • 1 month ago
        Anonymous

        If you're watching that over ssh it can be an infinite loop where the screen updating causes the numbers to go up which causes the screen to update etc.

      • 1 month ago
        Anonymous

        >make shitty program that makes numbers go up
        >I'm hacking the planet!
        (You)

        • 1 month ago
          Anonymous

          that's just IPTraf you goofball

  4. 1 month ago
    Anonymous

    yes ive opened up my nginx logs too
    identifying the specific attacks is always fun though

  5. 1 month ago
    Anonymous

    What are you running on port 8070 anyway?

    • 1 month ago
      Anonymous

      Don't need to host anything for them to check the port tbh.

      • 1 month ago
        Anonymous

        Then why would I care? They can't do shit to a port that isn't even used for something.

        • 1 month ago
          Anonymous

          Think of it like some guy going around the neighborhood checking if doors are open.
          You lock yours... or don't have any 😉
          The guy is innocent, just checking things out... for reasons

          • 1 month ago
            Anonymous

            Are you proposing they make it a crime to scan ports? Since it's generally considered a crime to come onto someone's property and snoop around.

          • 1 month ago
            Anonymous

            >get off my freaking cyber lawn!

  6. 1 month ago
    Anonymous

    im mostly just seeing cdns and my dns server

  7. 1 month ago
    Anonymous

    It ends up on shodan, and similar sites. (you can see some of them in the logs)
    And, nerds can gawk at your webcam, or IoT toaster, or whatever.

    • 1 month ago
      Anonymous

      Is there a similar site for free? It'd be interesting to see what devices are close to me on a map.

      • 1 month ago
        Anonymous

        google

        • 1 month ago
          Anonymous

          Google has that functionality? I've never seen it.

          • 1 month ago
            Anonymous

            it had, but with "ai results" you'll probably get random trash

          • 1 month ago
            Anonymous

            I didn't know google scanned ports too. I just want to see if I can find the street cameras the city installed, they're probably internet connected.

          • 1 month ago
            Anonymous

            Pretty sure they don't.
            Google still indexes random crap it finds, like IP cameras. But I don't think they scan anything.

    • 1 month ago
      Anonymous

      I stayed up for a week on a drug binge scouring those sites for just a tiny glimmer of pussy and found nothing. I don't think that shit is even real. I didn't even catch any domestic violence. The real world is not that boring is it

      • 1 month ago
        Anonymous

        Most of those sites remove cameras like that.
        insecam front page, for example

        • 1 month ago
          Anonymous

          So fricking gay, whats the point

          • 1 month ago
            Anonymous

            Get dunked on pervert.
            The adults are in charge.

  8. 1 month ago
    Anonymous

    how fricked am I? home pc with ssh and jellyfin
    354 packets captured
    1157 packets received by filter
    772 packets dropped by kernel
    tcpdump 0,03s user 0,05s system 0% cpu 1:02,36 total

    • 1 month ago
      Anonymous

      i wouldn't worry about it

  9. 1 month ago
    Anonymous

    my nginx logs are mostly in red, god knows what kind of 0days hexors use

  10. 1 month ago
    Anonymous
    • 1 month ago
      Anonymous

      How do these companies even exist, this kind of snooping on massive scale should be highly illegal!

      • 1 month ago
        Anonymous

        might be depending on jurisdiction, but the internet is a global place.

      • 1 month ago
        Anonymous

        >open minecraft server
        >shodan visits and advertises it for free
        what's bad about it? was it supposed to be secret?

      • 1 month ago
        Anonymous

        >should be highly illegal!
        Yeah, reading a phone book should be illegal, too.

      • 1 month ago
        Anonymous

        >HOW DARE SOMEONE LOOK AT MY HOUSE THATS ILLEGAL!!

      • 1 month ago
        Anonymous

        they're all NSA fronts, hth

  11. 1 month ago
    Anonymous

    I want tcpdump on my authoritative name servers all day. It's fun finding things that break the bot scripts.

  12. 1 month ago
    Anonymous

    my firewall doesn't allow that

  13. 1 month ago
    Anonymous

    I've hosted files for myself for a couple minutes and had internet scanners find it.

    • 1 month ago
      Anonymous

      >open up torrent client to something with 1 seed and 0 peers
      >20 different other ips want to know my location

      lol lmao

      • 1 month ago
        Anonymous

        to be fair 19 of them are all run by the nsa and should count as one (the 20th is mossad)

  14. 1 month ago
    Anonymous

    >Root bawd
    Loving these script kiddies.

  15. 1 month ago
    Anonymous

    >tcpdump 'tcp[tcpflags] == tcp-syn'
    whats the equivalent filter for wireshark?

  16. 1 month ago
    Anonymous

    >avatargayging in the bottom corner of your pics

    • 1 month ago
      Anonymous

      Hush child, good threads like this are rare here these days

      • 1 month ago
        Anonymous

        And that statement was enough to kill the thread. Funny how this place works sometimes.

      • 1 month ago
        Anonymous

        >t.

  17. 1 month ago
    Anonymous

    Why are you watermarking your posts? Very suspicious

    • 1 month ago
      Anonymous

      how can you tell its watermarked?

  18. 1 month ago
    Anonymous

    rule {
    direction = "in"
    source_ips = [
    "173.245.48.0/20",
    "103.21.244.0/22",
    "103.22.200.0/22",
    "103.31.4.0/22",
    "141.101.64.0/18",
    "108.162.192.0/18",
    "190.93.240.0/20",
    "188.114.96.0/20",
    "197.234.240.0/22",
    "198.41.128.0/17",
    "162.158.0.0/15",
    "104.16.0.0/13",
    "104.24.0.0/14",
    "172.64.0.0/13",
    "131.0.72.0/22",
    "2400:cb00::/32",
    "2606:4700::/32",
    "2803:f800::/32",
    "2405:b500::/32",
    "2405:8100::/32",
    "2a06:98c0::/29",
    "2c0f:f248::/32",
    ]
    protocol = "tcp"
    port = "443"
    description = "pee poo"
    }

  19. 1 month ago
    Anonymous

    Is it possible to get just that transparent image of Frieren? If it's possible could you supply it to me?

    • 1 month ago
      Anonymous

      short supply... double cost this time

      • 1 month ago
        Anonymous

        thanks anon, put it on my tab

  20. 1 month ago
    Anonymous

    I have a vps that I maintain for various reasons. It isn't up 100% of the time so I don't care too much about these kinds of issues. I do occasionally audit the auth logs to see who is trying to guess at my login. Not surprisingly they all originate from China, Israel, and the subcontinent. What's even more interesting is the usernames and password they use to guess at my login. It's never a smart actor brute forcing my login. Its a l33thaxxor using common passwords for "root" or "admin". I've even seen some people use "automation" and a surprisingly large number of people using "jira" and "git". Of course they didn't guess my alpha numeric username. Even the bad actors have gotten dumber.

    • 1 month ago
      Anonymous

      They're bottom of the barrel morons. But they push a billion servers, maybe one falls over.
      The ones you have to worry about are using newly released exploits, scanning the entire internet for vulnerable servers and exploiting them as fast as possible. Which is why patching is important.
      After that it's people crafting their own 0days.

  21. 1 month ago
    Anonymous

    >2024
    >tailscale exists
    >is free
    >homosexuals still have literally anything exposed to the open internet

  22. 1 month ago
    Anonymous

    >Reddit no Frieren

  23. 1 month ago
    Anonymous

    https://github.com/robertdavidgraham/masscan/issues/482
    who was in the wrong here?

  24. 1 month ago
    Anonymous

    omg my box for streaming amateur jav port 6969 is getting bruteforced by the hecking malware bots why would they do this?is this a state sponsored attack?how did they get my secret port?are they living inside my walls?

  25. 1 month ago
    Anonymous

    it glows

  26. 1 month ago
    Anonymous

    one thing i've always wanted to do is setup a ssh honeypot. I know most of these scanners are just bots that'll just execute a set of predetermined command as soon they gain access and so its quite boring

    but i think if i setup the ssh box so that a few commands just error so the bot fails to establish whatever its trying to do, the real adversary of these bots will probably eventually manually try to connect and figure out whats going on. It'd be cool to see what he is trying to do

Your email address will not be published. Required fields are marked *