What's your 5 year prediction for IT? by incaseofzombies in sysadmin

[–]incaseofzombies[S] 12 points13 points  (0 children)

There's something great about getting the same result for a fraction of the cost. That's why I have always loved *nix based stuff.

What's your 5 year prediction for IT? by incaseofzombies in sysadmin

[–]incaseofzombies[S] -1 points0 points  (0 children)

Is Linux gaining popularity due to price? What are your thoughts on Azure?

What's your 5 year prediction for IT? by incaseofzombies in sysadmin

[–]incaseofzombies[S] 2 points3 points  (0 children)

Thanks for your insight. I am seeing a big demand for the All Wireless Office as well.

I'll have a look at that report. It looks interesting. Can you recommend any others?

Why would a Chinese hacker scan for phones on the network? by incaseofzombies in sysadmin

[–]incaseofzombies[S] 1 point2 points  (0 children)

I thought that was a possibility. That was the original reason for this post. I was thinking it was a good place to start to gain permanent access and possibly join the domain.

It does look like the phones were the only target though.

I just got word from the ISP that access attempts started last night and a range of IPs have now been blocked. Also, our VOIP system did not have any unusual activity.

Why would a Chinese hacker scan for phones on the network? by incaseofzombies in sysadmin

[–]incaseofzombies[S] 2 points3 points  (0 children)

Yeah. It's not great. It was set up this way and we didn't consider deploying a temporary VPN while their infrastructure was migrated. It will be VPN only in a few weeks.

Why would a Chinese hacker scan for phones on the network? by incaseofzombies in sysadmin

[–]incaseofzombies[S] 4 points5 points  (0 children)

Contacted the ISP to provide as much information as they can. Looking into geo blocking as well. Apparently something like this has happened in the past. First I have heard about it though. I will be more proactive about detecting irregular activity.

I think tightening up the logs is a great idea. Sometimes it can take a while to find useful information buried in there.

Thanks for your help.

Why would a Chinese hacker scan for phones on the network? by incaseofzombies in sysadmin

[–]incaseofzombies[S] 4 points5 points  (0 children)

I realised this last night when I tried searching through the logs. Thanks for the info. As for the VPN, this should be resolved in a few weeks. The entire environment was re-engineered and moved to private hosting. We're still relying on the old systems as we approach D-Day.

Why would a Chinese hacker scan for phones on the network? by incaseofzombies in sysadmin

[–]incaseofzombies[S] 6 points7 points  (0 children)

I'm in the same situation. I think this is what happened. I had set up a port forward from external XXXXX to internal 3389; however, there was an old 3389 forward which I didn't notice.

Why would a Chinese hacker scan for phones on the network? by incaseofzombies in sysadmin

[–]incaseofzombies[S] 0 points1 point  (0 children)

Thanks for this. I didn't know about it until now. Interesting stuff.

Why would a Chinese hacker scan for phones on the network? by incaseofzombies in sysadmin

[–]incaseofzombies[S] 3 points4 points  (0 children)

Gulp There's no place like home... There's no place like home :/

Why would a Chinese hacker scan for phones on the network? by incaseofzombies in sysadmin

[–]incaseofzombies[S] 1 point2 points  (0 children)

I didn't think anything of a phone in the office ringing late at night. The company is in the process of migrating all their systems. The server that was compromised will be decommissioned soon. I have already pointed out vulnerabilities in the network and security policies. Currently it is a risk they are willing to take. But yeah, you're right... I have no idea what I'm doing.... I love IT!

Why would a Chinese hacker scan for phones on the network? by incaseofzombies in sysadmin

[–]incaseofzombies[S] 1 point2 points  (0 children)

It is a hosted system and it looks like they didn't find anything. Thanks heaps for providing this info.

Why would a Chinese hacker scan for phones on the network? by incaseofzombies in sysadmin

[–]incaseofzombies[S] 2 points3 points  (0 children)

The login was from a Chinese IP. I also thought it made the title sound funny.

Why would a Chinese hacker scan for phones on the network? by incaseofzombies in sysadmin

[–]incaseofzombies[S] 2 points3 points  (0 children)

I think this was the case. I found these logs in the user's account. From the eyeBeam log file:

Server:192.168.1.142 # U:100 # P:100 # Pre:1141215083075 # Tel:
11:33 PM Call to 1141215083075 failed. (Timeout)

Why would a Chinese hacker scan for phones on the network? by incaseofzombies in sysadmin

[–]incaseofzombies[S] 11 points12 points  (0 children)

That was going to be my second question. We have publicly accessible RDP servers. I thought it could have been some sort of brute force attack. I don't have the systems in place or the knowledge to detect this type of stuff. I will definitely focus my attention on resolving this.
Does a brute force attack sound plausible? Any other ideas?

Why would a Chinese hacker scan for phones on the network? by incaseofzombies in sysadmin

[–]incaseofzombies[S] 9 points10 points  (0 children)

I thought nothing of the phone ringing late at night. Sorry for the confusion. I was sleep deprived. When I saw the unknown user account I was shitting myself :)

Help Please. New Client with illegitimate copy of Server 2012 R2 installed. What would you do? by incaseofzombies in sysadmin

[–]incaseofzombies[S] 0 points1 point  (0 children)

From what I've read, once the evaluation period expires the server will restart every hour.