[ale] Ouch goddamnit

Chuck Payne terrorpup at gmail.com
Thu Aug 14 17:13:00 EDT 2025 

On Thu, Aug 14, 2025 at 4:02 PM lollipopman691 via Ale <ale at ale.org> wrote:

> Not hacked, not invaded, AFAIK it's ok fine except for periodic massive
> DDOSing.  It's an ongoing problem for a lot of webmasters -- a desultory
> DDG search yields hits like this one (
> https://webmasters.stackexchange.com/questions/126781/why-is-my-regional-website-being-hit-by-thousands-of-chinese-ip-addresses
> ) and this one (
> https://blog.talosintelligence.com/chinese-online-ddos-platforms/ ) .
> It's unlikely that anyone is targeting my site on purpose -- I'm just
> by-blow for some other idiots fighting each other I suspect.
>
>
>    - CHS
>
>
>
>
>
> On Thursday, August 14th, 2025 at 12:50 PM, Raj Wurttemberg via Ale <
> ale at ale.org> wrote:
>
> Sorry to hear that your system got (possibly?) hacked. Yeah, fail2ban is
> an amazing tool. If I absolutely must have ssh open to the outside, I
> usually move ssh to a different port (yeah, you could still find it easily
> with a port scan), and I configure fail2ban.
>
>
>
> /Raj
>
>
>
> *From: *Ale <ale-bounces at ale.org> on behalf of lollipopman691 via Ale <
> ale at ale.org>
> *Reply-To: *Atlanta Linux Enthusiasts <ale at ale.org>
> *Date: *Thursday, August 14, 2025 at 11:24 AM
> *To: *Atlanta Linux Enthusiasts <ale at ale.org>
> *Cc: *lollipopman691 <lollipopman691 at pm.me>
> *Subject: *[ale] Ouch goddamnit
>
>
>
> More assholes from China bringing my site down.  When I rebooted, I
> couldn't help but notice that my uptime(1) stats were spiking into the
> double-digit range and the system was becoming unresponsive.
>
>
>
> I wrote a quick and simple script to figure out who these guys are so I
> can block them at the AWS firewall.  If anyone else can use it, here (
> https://tomshiro.org/foswiki/ALE/BadActorScript ) 'tis.
>
>
>
> Looks like if I am _really_ clever I might-could figure out a way to let
> fail2ban(1) handle this automagically. A project for another day.
>
>
>
> -- CHS
>
> _______________________________________________
>
> Ale mailing list
>
> Ale at ale.org
>
> https://mail.ale.org/mailman/listinfo/ale
>
> See JOBS, ANNOUNCE and SCHOOLS lists at
>
> http://mail.ale.org/mailman/listinfo
>
>
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> https://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>


I had free server, someone find it. Just send I get pings with data (ping
-m) and my free server when up to 100 bucks.

Fail2bail or lock it down so that only your ip range can access it.

-- 
Terror PUP a.k.a
Chuck "PUP" Payne
-----------------------------------------
Discover it! Enjoy it! Share it! openSUSE Linux.
-----------------------------------------
openSUSE -- Terrorpup
openSUSE Advocate/openSUSE Member
x/mastodon.social -- @terrorpup
dicord -- terrorpup#3550
bluesky -- @terrorpup967.bsky.social
uglyscale.press
Register Linux Userid: 155363

openSUSE Community Member since 2008.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.ale.org/pipermail/ale/attachments/20250814/a4345c9d/attachment.htm>

More information about the Ale mailing list