SSH And The “Chinese Bots”

 Computing, Security, Working Notes  No Responses »
Apr 012024
 

So I was reading 𝕏 and came across one of those memes showing “Chinese bots” making connections to “open” SSH ports to Internet accessible servers. The suggestion to turn off password authentication in favour of public/private key authentication was certainly a sensible suggestion (on a very simplistic level it effectively makes a very strong “password”).

But the “Chinese bots” thing sort of irritated me a bit, so I decided to trawl my personal firewall logs looking for attempts to connect to my ssh port(s). Even ignoring the IPv6 probes, there were 1251 different addresses probing my network (just one public IPv4 address) in the months of March so far.

Why is this irritating? Because the addresses of the machines attempting to break into a non-existent ssh service here are those of compromised machines. They may be in China, or the USA, Russia, etc. but that in no way betrays who is controlling those “bots”.

Anyway, for some data :-

CountCountry
502,US USA 840 United States
128,CN CHN 156 China
97,KR KOR 410 Korea, Republic of
33,SG SGP 702 Singapore
27,BG BGR 100 Bulgaria
26,RU RUS 643 Russian Federation
22,HK HKG 344 Hong Kong
22,GB GBR 826 United Kingdom
20,DE DEU 276 Germany
16,SE SWE 752 Sweden

And “China” isn’t even in the lead in this case! I have included just the top 10 as a long list of random countries with one or two robots isn’t very enlightening.

The key point here is that the national identity of the compromised host attacking tells you nothing about where the true attacker is from. Russia is quite a likely candidate given it’s status as a rogue nation with a known tolerance for cyber criminals (as long as they co-operate with the state when the state needs their skills), but that is just background knowledge.

Russia: The Chekist State

 History, Politics  No Responses »
May 092021
 

I have recently re-read a bunch of stories about the Cold War where the blame for the repressive nature of the Soviet state was placed firmly on the Communist regime. Fair enough you might think, and certainly for most of the 20th century, the former Russian Empire was an extremely repressive regime whilst the Communists were in charge.

Certainly the secret policemen of the Soviets were well known – the GRU, KGB, NKVD, Cheka (where the label “chekist” comes from and all Russian secret police are labelled “chekists”), and others. But the persistent use of Russian secret policemen continues after the collapse of the Communist regime – the GRU is just as strong as they ever were, and there is also the SVR, the FSB, etc. And they’re just as active as ever – including the Salisbury poisonings and similar activities.

What is less well known is that the Russian intelligence services started well before the Communists acquired power in 1917 – the Okhrana. Whilst their headquarters were burned by the revolutionaries, there are persistent left-wing rumours that Okhrana operatives were recruited by the Cheka for their expertise. It is something that is never likely to be proved – these organisations are secret after all, and it did occur over 100 years ago, but the Cheka did become effective surprisingly quickly.

It is easy to blame the communists for their repressive regime, and they certainly deserve plenty of blame but is it really communism that is to blame here? That’s an all too easy assumption to jump on – particularly given the antipathy certain parties (old school European aristocrats and capitalists) have for anything that smacks of depriving them of their ill-gotten gains.

Communism certainly isn’t to blame for the secret police before and after their regime, so wouldn’t it be more accurate to say Russia has a chekist culture that survived two regime changes? Particularly seeing as the current president is a former KGB officer.

The Wild Chained

Does it matter?

Well for a start, Russia is currently a rogue state using intelligence services in an activist way to kill off critics of their current dictator. And it isn’t communist.

And not all communists are authoritarian communists; they may very well be wrong or misguided but they are not all authoritarians.

Invading Russia: Just Don’t

 History, Politics  No Responses »
Mar 182018
 

I recently scanned a blog entry claiming that Russia’s nerve agent attack on two people in Britain (plus the innocent bystander) wasn’t that big a deal, and that the reaction to it has been excessive. Well, perhaps.

But that blog went on to claim that militarily Russia is a bit of a pushover :-

  1. It’s less than a third the size of the Soviet Red Army. Perhaps but it still has 1 million active personnel and 2.5 million reservists. Not a size you can discount!
  2. It’s weaponry is obsolete. I can’t point to anything other than Russia spending $70 billion a year on defence to say otherwise, but “modernisation” crops up regularly in an discussion of the Russian military. And not in the sense of something that is required, but in the sense of something that is happening.

Lastly there was a reference to something that makes any student of history stare in amazement, and students of military history fall about the floor laughing. That is that Russia’s territory is flat and indefensible – ideal territory for mass tank battles (and indeed previously mass cavalry battles).

The Russian military knows this.

The last successful invasion of Russia whose territory has always been “ripe for invasion” was in the 13th century by the Mongol hordes.

There have been four major invasion attempts that failed to a greater or lesser extent :-

The Swedish military genius Charles XII tried in 1707, and was sounded beaten by the Russians assisted by the Russian winter.

Napoleon gave it a go in 1812, and the Russians inflicted a military disaster on him, again aided by a Russian winter.

Germany fought Russia during WWI, and managed to capture a considerable amount of Russian territory aided by the Russian revolution. But no major Russian cities were lost.

Again Germany tried in WWII, and Russia inflicted a major military defeat on them, with the assistance of the Russian winter.

The notion that anyone will try invading Russia is a bit ridiculous anyway (at least whilst Trump is Putin’s puppet).

So the threat from Russia is supposed “only” from cyberwar; which could be a damp squib or far more exciting than we believed possible. The fact is, we haven’t seen a full scale cyber attack against the UK, and don’t know what the results might be. Given the example of attacks against the Ukraine, we could expect wide-spread power blackouts, but it could be a great deal worse.

To be fair, I think the term “cyberwar” is a bit deceptive; attacking a nation’s connected technology is a tactic in a more widespread scheme of disruption and even war. There again, calling it “cyberwar” is a legitimate means to get funding for defences against such attacks.

The Window

Did The Cold War Ever Go Away?

 Politics  No Responses »
Mar 112018
 

Or did it just get a fresh coat of paint?

The news that a former Russian agent has been killed; almost certain by the Russian FSB. Think about it – who else would it be? Nobody else wanted him dead and Russian Today has been talking about how traitors in the UK will meet their end.

Russia has been subjected to secret police gangsters since the Tsarist era (the Okhrana). And yet whilst in the past, Russia’s leaders have supported the secret police, today’s leader (Vladimir Putin) is an old Chekist himself. Thus today’s FSB have less inclination to restrain themselves than any time in the past, and they didn’t show much restraint then!

Russia is today a rogue state prepared to resort to the kind of tactics that can lead to war, and it is not just their practice of killing traitors on foreign soil. Just look at their interference with the US election (we may not have a smoking gun, but plenty of Russian hands smell of cordite), the Ukrainian “adventures”, and suspicious activities in Syria.

In practice there is little we can do to change Russia; it has to come from within. All we can do is keep our defences up, try to avoid antagonising them, but not kowtow to their gangsterism either (a difficult line to balance).

Yes that means conventional arms, and unconventional defences too – Internet warfare can be dangerous or at the very least disruptive. And yes the spooks in the old-fashioned trenchcoats also need to get tooled up.

It also means not expanding NATO any more than it has already been.

Walking The Beach

Is Putin Another Hitler?

 General  No Responses »
Aug 152014
 

To anyone who is aware of the history of Nazi Germany’s actions leading up to Word War II, there’s something alarmingly familiar about Putin’s actions recently.

Germany lost a lot of territory after World War I, and Russia lost a lot of territory after the break-up of the Soviet Union.

Germany annexed Austria in what became known as the Anschluss, and in a quite similar move Russia annexed the Crimea.

Germany “rescued” the German minorities from “repression” in Czechoslovakia by annexing the parts of the country with large ethnic German populations; Russia appears to be trying the same thing in the eastern Ukraine.

It is probable that Putin is not trying to emulate Hitler by exterminating a whole “race” of people, but Hitler wasn’t considered to be a monster just because he tried to exterminate the Jews (and other minorities he didn’t like), but also because he was a military adventurer who provoked one of the deadliest wars in history.

And Putin does seem to be in the early stages of something like that.

 Older Entries