I started working on a project and needed a server. A server is another name for a headless (no screen/keyboard/mouse) computer normally run in an automated fashion. It does stuff without human intervention… after a human writes a program to show it how.
Instead of buying another box I chose to lease a tiny virtual server from Linode. They are known for incredibly fast web connections. My app will be downloading lots of data. Speed matters. For $12.50/month how can I go wrong?
The image above is what I saw logging in to the server a few minutes ago. That’s 596 failed login attempts in a bit over two hours. If you do the math, it comes out to a lot!
This constant twisting of my server’s doorknob is unwelcome but not unexpected. The server contains nothing of value. These are random opportunistic probes.
The bots banging on my door are probably surprised to find a server there at all. Until Tuesday it didn’t exist. Its IP address connected to nothing. Think dialing a number that’s out-of-service.
The last login attempt is listed coming from 220.127.116.11. That IP address is controlled by Chinanet. They assigned it to someone or come company in Jiangasu Province, just north of Shanghai.
Even a random and probably worthless server like mine is ripe for exploring. A small weakness in its protection might leave the bot herder in control. A server and fast Internet connection are very valuable. Or there might be randomly valuable data using ‘security by obscurity.’
If my worthless server is being queried like this, imagine what goes on where valuable data is stored or valuable items are controlled! This stuff is not going away.
The Internet is much more Wild West than you think.