I started working on a project and needed a server. A server is another name for a headless (no screen/keyboard/mouse) computer normally run in an automated fashion. It does stuff without human intervention… after a human writes a program to show it how.
Instead of buying another box I chose to lease a tiny virtual server from Linode. They are known for incredibly fast web connections. My app will be downloading lots of data. Speed matters. For $12.50/month how can I go wrong?
The image above is what I saw logging in to the server a few minutes ago. That’s 596 failed login attempts in a bit over two hours. If you do the math, it comes out to a lot!
This constant twisting of my server’s doorknob is unwelcome but not unexpected. The server contains nothing of value. These are random opportunistic probes.
The bots banging on my door are probably surprised to find a server there at all. Until Tuesday it didn’t exist. Its IP address connected to nothing. Think dialing a number that’s out-of-service.
The last login attempt is listed coming from 220.127.116.11. That IP address is controlled by Chinanet. They assigned it to someone or come company in Jiangasu Province, just north of Shanghai.
Even a random and probably worthless server like mine is ripe for exploring. A small weakness in its protection might leave the bot herder in control. A server and fast Internet connection are very valuable. Or there might be randomly valuable data using ‘security by obscurity.’
If my worthless server is being queried like this, imagine what goes on where valuable data is stored or valuable items are controlled! This stuff is not going away.
The Internet is much more Wild West than you think.
3 thoughts on “Servers And Hackers Oh My”
I’ve seen similar attempts on my website, except they use a fake address, such as http://teddriver.net/sharebutton.to. the sharebutton.to page does not exist anywhere on my site – I’m not sure what they get out of hitting a bad URL on my server? Also, most of my hits are from Russia, from domain names like this: “Secret.ɢoogle.com You are invited! Enter only with this ticket URL. Copy it. Vote for Trump!” or “Congratulations to Trump and all americans”. Other have appeared as well. Any idea what these are about?
Agree with your wild west statement!
I had ab IT in CT who in 2010 set-up a super highway internet system for me in my basement office including all gadgets among them the server of time whereby I could show any document etc. in San Diego or wherever VIA my server – GREAT? NOT! Problem IS anyone can hack into my server as my IT proved to me – THUS – when I relocated to Treasure Coast in Florida – I opted to NOT use server for my business projects and ONLY employ traditional computer operations AND feel safe and secure NO ONE can HACK my system. Today, too many PC wizards have designed programs to hack into any PC with a server.
I administer a vBulletin site (http://forum.wtfda.org). I can login anytime and see bots trying to register or get access to pages they aren’t allowed to see. Even if one managed to register, they’d be faced with one of 10 questions I’ve created that relate to that website and they aren’t easy (you could probably answer them…maybe). I’ve had a handful of users complain that they’re too hard, but I’d rather keep them hard than have the site compromised. Yes, the internet is a bizarre place.