Among the ridiculous projects I have had out in the open, the most long running one is called perispomeni.club. It is a dead simple, tiny linux machine inspired by Paul Ford’s tilde.club. People respectfully use together that machine in their shared quest to learn and build awesome web pages.
However it was a surprise when one of the users sent me a private email with a security concern.
Here I must mention that the pattern you can spot when reading this and my previous post is purely coincidental. I will stop with the email fanfare, I promise. On with the email:
Subject: Strange connection or only my imagination?
I have noticed a very strange connection to your server from various ip address which are also listed in block ip for previous abouse pages you should check:
Both are from china, they connect to your server port on 22 but strangely they do not show up as user.
As one might notice, this is not good. I should dig in. Continue reading “Surviving an attack from the Chinese”