Why China?

Portal Home > Knowledgebase > Articles Database > Why China?

Posted by Arc-Servers, 03-10-2010, 05:41 AM
We noticed after one of servers became under attack from DDOS that the attack was based from china. I've noticed that nearly all DDOS attacks are based in china... How come? i mean why china? Why not japan or USA?
Posted by comforthost, 03-10-2010, 05:47 AM
Too much people with too much free time? Too many students? Who knows, but I have china banned from my servers, except 1 server where I put people that specifically want to be accessible from there. And I live much better since I took that decision
Posted by andretenreiro, 03-10-2010, 06:23 AM
What software do you use to monitor if your servers are being DDOSed?
Posted by Arc-Servers, 03-10-2010, 06:33 AM
We use Nagios to monitor the servers.
Posted by jon-f, 03-10-2010, 04:14 PM
I would assume and be pretty correct in saying that a large percetage of pcs in countries like china, turkey and third world countries are ether: a. pirated windows b. very old and unpatched windows c. either of the above but servers instead of pcs Also I think the users in these countries may not be as internet savy as us in more developed countries and Id also assume many are too poor to buy third party antivirus software I would bet if you had some scanner scanning these third world and developing country ranges for even very old exploits you would find thousands that can be exploited remotely.
Posted by andretenreiro, 03-11-2010, 04:56 AM
With any plugin to detect Scans/DDOS?
Posted by NikolayM, 03-11-2010, 08:49 AM
I don't think the OS/Applications licenses are the reason for this. I believe it is something much more complicated. For example, in my country, most of the providers change user's IP on a simple request. Not to mention that before two years, 90% of the internet activity here were using dynamic IP's. So it is very difficult to be trace. Another reason is the laws. In such countries, most of the people worry about the corruption, thieves, serial killers. So if you try to law sue someone in the curt, the judge won't even understand the reason. In different countries like USA for example, the technology is on a high level and most of the users are aware and even if they do something illegal like DDoS, they will immediately got someone on their door knocking. I can even bet that most of the attacks, spam, etc.. from USA is from computers with viruses, while in these countries from the "third world", those spammers don't even try to hide themself. By the way, I don't live in a country from a "third world" and we have such activities here very often
Posted by david510, 03-11-2010, 08:59 AM
I feel, If they can get pirated OS, they can get lot of pirated/cracked antivirus software easily.
Posted by jweeb, 03-11-2010, 11:32 AM
Perhaps china is too big that one is easy to hide.
Posted by andretenreiro, 03-11-2010, 11:34 AM
China has 20% of the World Population... well... that's something!
Posted by VIPoint, 03-11-2010, 01:01 PM
China is gradually becoming base for organised hacking activities. The recent hack on Google shows that they are not afraid to hack google also. Yes they are the world's biggest population, but what concerns me is that they are growing fast in the webhosting industry too ..
Posted by Kusai, 03-11-2010, 01:55 PM
Oh yes china is becoming the epicenter of hacking activities and bulletproof hosting aka spam hosting.
Posted by Calypso747, 03-12-2010, 01:41 AM
Incorrect. You can buy Windows 7 for 1 USD on the street, including the "original" plastic case and cracked activation. The problem is somewhere else. Chinese police spend lots of time hunting for illegal activities against the government but they do not care if you do hacking against other country (unless somebody complains through diplomatic channels). There are enormous number of gangs engaging in cybercrime (thousands!), they even headhunt IT students from universities to help them. Not say about hackers elite hired/trained in Chinese army. Blocking traffic from China on hardware firewall is probably a good idea that can save you lots of troubles.
Posted by kenji.lee, 03-13-2010, 07:54 PM
Not only China ! Vietnam too, Indian too. Those countries have IT growing very fast, and a lot student want to try their skills - "they are hero". And Law at their countries ... I don't think they have Law
Posted by SSD-Greg, 03-13-2010, 09:43 PM
China has the biggest population, they have the most pirated os's etc. There taking over.
Posted by jon-f, 03-14-2010, 01:09 AM
For the ones who suggested that each of the chinese ips out there wreaking havoc on the net are perhaps users who are running this stuff manually on their pc, that is just plain foolish. I would again say what I said before and like perfectedhosting said - pirated oS and software are most likely root causes of why there are so many botted pcs in china Also with the users not being internet savvy, not being able to read in english, etc; could cause them to become more vulnerable users. Its just a fact that if you scan the ip ranges of third world and developing countries you will find much more vulnerable computers. I would bet money you could scan for 10 year old remote exploits and find tons. Which makes me think that most of the infected pcs over there are probably infected by multiple things, wonder how they dont notice it? You would think their pc would be lagging all to heck eh. Anyway, If users from China or other countries have no business on your site then there is no need to allow them. I find it best in situations like this to block everyone and only allow countries in which your users come from. China, Turkey and the whole of Africa are countries that most of us can do without. I think Nigeria is a country that the entire internet can do without. On another note I think that if these country's goverments do nothing to clean up or police their internet then they very well should be routed off the net
Posted by plumsauce, 03-14-2010, 01:27 AM
Both of your posts start from presumptions of fact which are questionable, to say the least.
Posted by robotronik, 03-14-2010, 06:37 AM
I have an extensive knowledge in DDoS and how it gets about. China has a huge population (Over 1.3billion) and as of 2009 384 million of them used internet. Now not many people would want to incriminate themselves for an attack apart from the completely stupid and an organised attack where many computers hit one server generally isn't a bunch of students saying lets all DoS this server. The computers used in China get infected by viruses just like any other computers worldwide if you are not careful you will get infected. So, China's internet usage is huge, lots of people in China get infected. Chances are the more systems their are to get infected the more infections there are going to be. Okay so say there are a lot of computers going around in China to get infected, these then get infected by viruses that have the ability to call a DDoS attack via remote control. Once these computers are infected they are then known as zombies. So say for example the hacker infects just 1/10,000th of the China Internet population that still gives him control of 3,840 systems. A pretty big DDoS attack i'm sure you will agree. So in conclusion, it's all down to population and chances of infection.
Posted by SunShellHosting, 03-14-2010, 06:52 AM
I found majority of hackers from Vietnam therefore we have blocked VN ips like an year ago. Chinese users are now making issues on our server as well. They host nulled scripts which are not optimized for low server resource usage , something called Discuzz if I remember correctly. We have already taken the decision to ban china on all our servers from tomorrow.
Posted by windywinter, 03-14-2010, 08:14 AM
Discuz is a famous php & mysql based forum script in China. If you have any care of Chinese users you'd know it. Well, it seems you don't. And for this I'll tell you a easier way to block Chinese users - just put a banner on your homepage saying "we support Dalai Lama" or "we love Falun Dafa", and the Chinese goverment will do it for you. In my point of view, this Discuz script is well tuned on performance and once you sold the resources on your server, you lost the right to concern how the renters use it unless they break the law or the tos. More important, this kind of action is called "regional discrimination" and it is very wrong.
Posted by ideamine, 03-18-2010, 09:02 AM
China has 20% of the World Population. Also India has very strong cyber laws, but heard that turkey is a base for hackers.
Posted by marcbarak, 03-18-2010, 10:06 AM
Pretty simple actually China is trying to break into every single server around the world
Posted by domainandhost, 03-18-2010, 10:18 AM
I cant talk for China and Vietnam but India has some stringent Cyber laws and raids on pirates are conducted frequently. And how often do you hear of attacks from India and Vietnam? what makes people think that blocking IPs would make your servers any safer with all the Proxy IP applications freely available on the internet? Last edited by domainandhost; 03-18-2010 at 10:22 AM.
Posted by smokin hostin, 01-21-2011, 07:38 PM
Well alot of this has allready being discussed. My views: China has MASSES of the population, also, they are very technically advanced. Most of the things in my house probably came from china, they dont care about any impact they have on the world. i also hear they have 100mb internet lines as standard, so bassically, imagine every house in your street has a 100mb dedicated server, haha, at least one of those houses will have unprotected internet, in england where i am we have just begun to get 50mb internet. i can walk around my street with my phone and find about 10 unprotected wifi points I really apologise, threads nearly a year old. i was half asleep,
Posted by funkywizard, 01-27-2011, 10:04 AM
I'm sorry but you're wrong. The "pirated windows == DDoS" is correct, for the simple reason that microsoft doesn't provide windows updates for pirated copies of windows. Without updates, most PCs are easily infected and brought into a botnet to perform DDoS attacks. Since a huge percentage of windows in China is pirated, and therefore doesn't have access to windows updates, you similarly see a much larger percentage of PCs becoming zombies for botnet attacks in that country as well.