[ale] Ouch goddamnit

lollipopman691 lollipopman691 at pm.me
Thu Aug 14 16:01:58 EDT 2025 

Not hacked, not invaded, AFAIK it's ok fine except for periodic massive DDOSing. It's an ongoing problem for a lot of webmasters -- a desultory DDG search yields hits like this one ( https://webmasters.stackexchange.com/questions/126781/why-is-my-regional-website-being-hit-by-thousands-of-chinese-ip-addresses ) and this one ( https://blog.talosintelligence.com/chinese-online-ddos-platforms/ ) . It's unlikely that anyone is targeting my site on purpose -- I'm just by-blow for some other idiots fighting each other I suspect.

- CHS

On Thursday, August 14th, 2025 at 12:50 PM, Raj Wurttemberg via Ale <ale at ale.org> wrote:

> Sorry to hear that your system got (possibly?) hacked. Yeah, fail2ban is an amazing tool. If I absolutely must have ssh open to the outside, I usually move ssh to a different port (yeah, you could still find it easily with a port scan), and I configure fail2ban.
>
> /Raj
>
> From: Ale <ale-bounces at ale.org> on behalf of lollipopman691 via Ale <ale at ale.org>
> Reply-To: Atlanta Linux Enthusiasts <ale at ale.org>
> Date: Thursday, August 14, 2025 at 11:24 AM
> To: Atlanta Linux Enthusiasts <ale at ale.org>
> Cc: lollipopman691 <lollipopman691 at pm.me>
> Subject: [ale] Ouch goddamnit
>
> More assholes from China bringing my site down. When I rebooted, I couldn't help but notice that my uptime(1) stats were spiking into the double-digit range and the system was becoming unresponsive.
>
> I wrote a quick and simple script to figure out who these guys are so I can block them at the AWS firewall. If anyone else can use it, here ( https://tomshiro.org/foswiki/ALE/BadActorScript ) 'tis.
>
> Looks like if I am _really_ clever I might-could figure out a way to let fail2ban(1) handle this automagically. A project for another day.
>
> -- CHS
>
> _______________________________________________
>
> Ale mailing list
>
> Ale at ale.org
>
> https://mail.ale.org/mailman/listinfo/ale
>
> See JOBS, ANNOUNCE and SCHOOLS lists at
>
> http://mail.ale.org/mailman/listinfo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.ale.org/pipermail/ale/attachments/20250814/253d4fca/attachment.htm>

More information about the Ale mailing list