<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <p>Was it a ... "horribly configured" PHP application :) ?<br>
    </p>
    <div class="moz-cite-prefix">On 2019-12-29 12:34 p.m., Ron Singh
      wrote:<br>
    </div>
    <blockquote type="cite"
cite="mid:CALQNZN4K8h-5evmsfPB0dE6P=1=h75-kESUzH58BzzdEs1SRHw@mail.gmail.com">
      <meta http-equiv="content-type" content="text/html; charset=UTF-8">
      <div dir="ltr">
        <div class="gmail_default" style="font-family:tahoma,sans-serif">From
          a non-techy/new-ish to Linux guy's perspectrive, what do I
          take away from this bit of "follow the bouncing ball"?</div>
        <div class="gmail_default" style="font-family:tahoma,sans-serif"><br>
        </div>
        <div class="gmail_default" style="font-family:tahoma,sans-serif"> 
            153.126.166.203 (<a
            href="http://ik1-319-19699.vs.sakura.ne.jp" target="_blank"
            moz-do-not-send="true">ik1-319-19699.vs.sakura.ne.jp</a>)</div>
        <div class="gmail_default" style="font-family:tahoma,sans-serif"><br>
        </div>
        <div class="gmail_default" style="font-family:tahoma,sans-serif">gives
          me this:<br>
________________________________________________________________<br>
        </div>
        <div class="gmail_default" style="font-family:tahoma,sans-serif">
          <h1>Welcome to nmp3000's site</h1>
          <p>yukkuri goran kudasai</p>
        </div>
        <div class="gmail_default" style="font-family:tahoma,sans-serif">________________________________________________________________<br>
        </div>
        <div class="gmail_default" style="font-family:tahoma,sans-serif"><br>
        </div>
        <div class="gmail_default" style="font-family:tahoma,sans-serif">and
          googling nmp3000, I get this twitter user as a top hit and he
          seems to be a Linux-y kind of guy in Japan:</div>
        <div class="gmail_default" style="font-family:tahoma,sans-serif"><br>
        </div>
        <div class="gmail_default" style="font-family:tahoma,sans-serif"><a
            href="https://twitter.com/nmp3000" moz-do-not-send="true">https://twitter.com/nmp3000</a></div>
        <div class="gmail_default" style="font-family:tahoma,sans-serif"><br>
        </div>
        <div class="gmail_default" style="font-family:tahoma,sans-serif">No
          idea if there is any meaning to be gleaned from this, but I
          thought it might be mildly interesting. I do wonder if that
          fella's site is hacked and someone is using his url for
          dastardly deeds. I am not at all savvy about how these things
          work, but I thought it curious.<br>
        </div>
        <div class="gmail_default" style="font-family:tahoma,sans-serif"><br>
        </div>
        <div>
          <div dir="ltr" class="gmail_signature"
            data-smartmail="gmail_signature">
            <div dir="ltr">
              <div>Thanks,<br>
                <br>
                Ron Singh<br>
                <br>
              </div>
            </div>
          </div>
        </div>
        <br>
      </div>
      <br>
      <div class="gmail_quote">
        <div dir="ltr" class="gmail_attr">On Sun, Dec 29, 2019 at 12:06
          PM Khalid Baheyeldin <<a href="mailto:kb@2bits.com"
            moz-do-not-send="true">kb@2bits.com</a>> wrote:<br>
        </div>
        <blockquote class="gmail_quote" style="margin:0px 0px 0px
          0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
          <div dir="ltr">
            <div>Here is an example from the scary internet ... <br>
            </div>
            <div><br>
            </div>
            <div>From today's logs of a server I manage (via logwatch):</div>
            <div><br>
            </div>
            <div> Failed logins from:<br>
                  <a href="http://92.246.17.5" target="_blank"
                moz-do-not-send="true">92.246.17.5</a>: 1 time<br>
                  95.88.219.197 (<a
                href="http://ip5f58dbc5.dynamic.kabel-deutschland.de"
                target="_blank" moz-do-not-send="true">ip5f58dbc5.dynamic.kabel-deutschland.de</a>):
              1 time<br>
                  153.126.166.203 (<a
                href="http://ik1-319-19699.vs.sakura.ne.jp"
                target="_blank" moz-do-not-send="true">ik1-319-19699.vs.sakura.ne.jp</a>):
              1 time<br>
              <br>
               Illegal users from:<br>
                  undef: 3 times<br>
                  <a href="http://12.22.203.226" target="_blank"
                moz-do-not-send="true">12.22.203.226</a>: 1 time<br>
                  63.142.97.181 (<a
                href="http://63-142-97-63-142-97-181.cpe.sparklight.net"
                target="_blank" moz-do-not-send="true">63-142-97-63-142-97-181.cpe.sparklight.net</a>):
              1 time<br>
                  <a href="http://92.246.17.5" target="_blank"
                moz-do-not-send="true">92.246.17.5</a>: 2 times<br>
                  97.84.76.88 (<a
                href="http://97-84-76-88.dhcp.snlo.ca.charter.com"
                target="_blank" moz-do-not-send="true">97-84-76-88.dhcp.snlo.ca.charter.com</a>):
              1 time<br>
                  <a href="http://115.160.163.195" target="_blank"
                moz-do-not-send="true">115.160.163.195</a>: 2 times<br>
                  142.4.208.131 (<a
                href="http://ns502558.ip-142-4-208.net" target="_blank"
                moz-do-not-send="true">ns502558.ip-142-4-208.net</a>): 1
              time<br>
                  153.126.141.19 (<a
                href="http://ik1-306-13265.vs.sakura.ne.jp"
                target="_blank" moz-do-not-send="true">ik1-306-13265.vs.sakura.ne.jp</a>):
              1 time</div>
            <div><br>
            </div>
            <div>These are all ssh login attempts from various IP
              addresses.</div>
            <div><br>
            </div>
          </div>
          _______________________________________________<br>
          kwlug-disc mailing list<br>
          <a href="mailto:kwlug-disc@kwlug.org" target="_blank"
            moz-do-not-send="true">kwlug-disc@kwlug.org</a><br>
          <a
            href="http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org"
            rel="noreferrer" target="_blank" moz-do-not-send="true">http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org</a><br>
        </blockquote>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <pre class="moz-quote-pre" wrap="">_______________________________________________
kwlug-disc mailing list
<a class="moz-txt-link-abbreviated" href="mailto:kwlug-disc@kwlug.org">kwlug-disc@kwlug.org</a>
<a class="moz-txt-link-freetext" href="http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org">http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org</a>
</pre>
    </blockquote>
    <div class="moz-signature">-- <br>
      Mikalai Birukou <br>
      CEO | 3NSoft Inc.</div>
  </body>
</html>