cisrt.org having security related issues...
...so you link to the blog post
A recent post by the team at the Chinese Internet Security Response Team to their English-language site indicates that some of the site visitors are experiencing an attack from the CISRT.org site as a result of an injected IFRAME tag. Injected IFRAME tags are not a new means of using legitimate sites to launch attacks on …
...so you link to the blog post
With most of the malicious attacks on my own server originating in China, it comes as no surprise to find that visits to the Red Army's official "web security" site would be the trigger for even more malicious attacks.
It's typical of the sort of thing that prompted me to classify all Chinese IP space as "firewall on sight."
overrun might be fun to try and secure a server there it would be some good experience.
I completely agree. It's safe to say that anything operated from China, that's owned/operated by Chinese is really in cahoots with the PLA or State. Therefore, it's absolutely not surprising that such an mysterious event is occuring. And not only are the Chinese excellent in cyber crime, but their skill in Public Affairs and human manipulation are uncanny.
Oh, btw, I've also blocked all incoming/outgoing requests from Chinese IPs at my firewall... little buggers just can't be trusted. :)
The two websites listed as being where the crap is being downloaded from... i seem to be having issues connecting to them.
Did you make them up? They really don't seem to exist, lads
If I blocked every IP that spews out spam, pr0n, crap and political bullsh1t, I'd have blocked a fair percentage of the USA's websites.
First, sort out all the spam you've gotten recently. Say, the last 100 spams. A few minute's worth.
Now, find the URLs they link to. Granted, a few will be advertising phone numbers, etc, but ignore that for the moment as it's not many. Just sort out the URLs.
Now, whois.sc each one of them.
Count up the number that are hosted in the US.
Count up the number that are hosted in China.
And do please report back here. I'm interested to hear your findings.
For the terminally curious, when I did this a year or so back, out of 100 sites advertised, about 80 were hosted in China, 10 in Singapore/Korea/Taiwan/etc, and the rest between Russia (mostly), Brazil, and a couple of others. None in the US. Granted, most of those sites are *run* by Americans, and most spam ITSELF is from insecure US boxes (I believe) but without the infrastructure to actually deal with the traffic and host the e-commerce essentials, the spam would be worthless. And thanks to China, it's not.
"most of those sites are *run* by Americans" - but since they hijacked Chinese servers, it's China's fault !!
And if China didn't offer the infrastructure, it would be somebody else taking the blame. Anyone, except the poor Americans responsible for the whole mess in the first place.
This is one thread where we won't hear about how it was the US that invented the Internet !
Way to go with the casual racism.
I agree. Anything originating from TLDs .cn, .ru, tw and .kr goes straight to /dev/null.
BTW, I liked the "Great FireWall of China" quip, Vincent