What happens on the Internet when you are not looking at it

A lot of people, even professionals in the field of information technology, do not understand what is happening on the Internet. A very desirable to represent.

Many see the future as cyberpunk, but they miss the underwater part of the iceberg. They think about implants and neural interfaces, but they forget about the huge Internet infrastructure and petabytes of data passing through it in microseconds. What happens on the Internet except that robozlaz saves the video in someone's brain? Nothing good! And it happens now.
')
Most of the traffic is used for surveillance and other illegal cases. The fact that billions of people are willing to provide access to their personal data, looks just insane, but that's their business. The fact that millions of people are ready for the sake of microscopic benefits to foul up the Internet with single-pixel images and similar garbage is disgusting, but expected. The fact that people do not monitor the security of their devices is not expected, and this is not only their business.

This is the case when you harm inaction. I'm talking about simple passwords, or even leaving the factory settings unchanged. Think about it: you almost voluntarily provide your computer to everyone for committing crimes.

Honestly, I myself did not expect that everything is so bad. Under the cat there are some statistics from the life of my server and an explanation of what this means. The server has only IP, seven people and the provider know about its existence, its address was indicated twice in Skype and three times in a letter. He exists only one month.

For those who do not know what SSH is .
For those who are too lazy to read - the possibility of obtaining remote access.
So, for the month, 285499 attempts to connect to the server via ssh were made. 1337 addresses were used, but the figure is funny, but real. Accumulated 36.8 MB logs.

It's pretty hard to gauge these numbers. I will try to make them more understandable to you.
On average, every day from 44 devices tried to access the server, with a maximum of 68.
The request occurred approximately every nine seconds.

If you print out all these requests on paper, you will need about seven standard packs, subject to printing on both sides of 12 fonts and no line breaks. If the seal is full of logs, then around one hundred.

From the point of view of password complexity, if the requests were coordinated and sent for its selection by simple enumeration, then a complex three-digit password, in which all digits, special characters, Latin characters and lowercase / lowercase letters are valid, would be guaranteed.

A Latin lowercase password would be guaranteed for four characters.
A password of numbers would be guaranteed to be selected for five characters.
A password from one real word of English would be guaranteed, regardless of the number of letters.

Let me remind you, this is only for a month. The number of addresses has steadily increased, from 112 in the first five days to 452 in the last five. If this rate continues, then by 2018 all indicators will grow about four times, but I am sure that the growth rate will also increase.

What the hell is this? Who will try to connect to the server a week after it appears?

Of course, I do not exclude the possibility that someone used this address before and there were scripts and demons trying to access it, but why, then, does their number increase?

Alas, these are botnets. I say “botnets” to emphasize the difference from the usual virus infection. No virus came to me in the letter. I was not selected by any criteria. It’s just that someone is trying to gain control over all available machines in order to use them to continue building up the power of the botnet.

Most of the addresses of these devices are easily located in their respective bases. And they are trying to connect not only to me, but also to thousands of other computers around the world.

Think about it. What should be the density of infected devices, so that a hundred of them randomly search a week to get to my address?

Cyberpunk has already arrived, but it is not very noticeable yet. However, high-tech criminals have long had access to millions of computers, phones, routers, cameras and even refrigerators. All that while protecting us is the lack of enough intellectual programs, the botnets have not yet learned how to catch credit card numbers on the camera (although they have learned how to do it from the browser) or to understand speech sufficiently to make compromising recordings of your telephone conversation.

It is terrible that in the modern world there is too much important electronic information about any person. And not the most technically advanced organizations keep it at all. Think about it - even banks, for which information security is above all, regularly fall victim to hacker attacks, let alone state institutions?

Personally, in this story, I just feel some moral discomfort. And the owners of the devices? People unfamiliar with this issue are extremely dismissive of a possible infection. Well, think, well, they will send some data, to hell with it. Anyway, the antivirus will protect!

No, it does not protect. Antivirus checks the login and password, and who entered them - you, your brother or an attacker, he can not determine. But the unpleasant consequences ... Well, let's list them.

Traffic. It would seem nonsense in the era of no-limit, but what do you say about the phones? In addition, when the channel is clogged, it will be hard for you to watch a movie or play online games, for example.

Ban Your address can easily appear in the blacklists of a multitude of resources, for example, because the botnet picked up passwords for the mail, and if you simply lose the ability to download videos with cats, it’s a shame to lose the Internet bank.

Personal Information. Almost all botnets steal your data from passwords to bank card details.

Heavy calculations. This is, of course, quite a boundary example, but try working on a computer that mines bitcoins at 90% of its computational power.

Illegal activities Are you ready to send spam on your behalf? And to the fact that you are involved in the distribution of child pornography? And, by the way, to prove that it is not you will be problematic.

You can continue for a long time. I will give a simple analogy - if you know for sure that your car will be in place in the morning, are you ready to leave the key in the lock for the night? Let the car be in place, but without gasoline, with manure in the trunk and scratched paint. Do you want this?

Yes, this article is banal. Yes, everyone is familiar with the dangers of simple passwords. But why then do they occur so often?

If you are an expert in setting up equipment or programs, then you have a kind of “white man’s burden”. Do not leave loopholes, explain the danger.

If you are fine, explain the problem to friends and relatives. It’s not hard and let you be paranoid, but being a victim of ridicule is better than a victim of crime.
If you have some factory passwords left somewhere or just 123 are driven in, change right now without delay.

You have already read something like that. You can yawn and think that I'm paranoid, that I'm saying obvious things, that no one will hack your router.

However, while I was writing this article, more than two thousand attempts were made to connect to an unnecessary server in the Netherlands. And how many attempts to find the password for your router happened during this time?