<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>Was it a ... "horribly configured" PHP application :) ?<br>
</p>
<div class="moz-cite-prefix">On 2019-12-29 12:34 p.m., Ron Singh
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CALQNZN4K8h-5evmsfPB0dE6P=1=h75-kESUzH58BzzdEs1SRHw@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">
<div class="gmail_default" style="font-family:tahoma,sans-serif">From
a non-techy/new-ish to Linux guy's perspectrive, what do I
take away from this bit of "follow the bouncing ball"?</div>
<div class="gmail_default" style="font-family:tahoma,sans-serif"><br>
</div>
<div class="gmail_default" style="font-family:tahoma,sans-serif">
153.126.166.203 (<a
href="http://ik1-319-19699.vs.sakura.ne.jp" target="_blank"
moz-do-not-send="true">ik1-319-19699.vs.sakura.ne.jp</a>)</div>
<div class="gmail_default" style="font-family:tahoma,sans-serif"><br>
</div>
<div class="gmail_default" style="font-family:tahoma,sans-serif">gives
me this:<br>
________________________________________________________________<br>
</div>
<div class="gmail_default" style="font-family:tahoma,sans-serif">
<h1>Welcome to nmp3000's site</h1>
<p>yukkuri goran kudasai</p>
</div>
<div class="gmail_default" style="font-family:tahoma,sans-serif">________________________________________________________________<br>
</div>
<div class="gmail_default" style="font-family:tahoma,sans-serif"><br>
</div>
<div class="gmail_default" style="font-family:tahoma,sans-serif">and
googling nmp3000, I get this twitter user as a top hit and he
seems to be a Linux-y kind of guy in Japan:</div>
<div class="gmail_default" style="font-family:tahoma,sans-serif"><br>
</div>
<div class="gmail_default" style="font-family:tahoma,sans-serif"><a
href="https://twitter.com/nmp3000" moz-do-not-send="true">https://twitter.com/nmp3000</a></div>
<div class="gmail_default" style="font-family:tahoma,sans-serif"><br>
</div>
<div class="gmail_default" style="font-family:tahoma,sans-serif">No
idea if there is any meaning to be gleaned from this, but I
thought it might be mildly interesting. I do wonder if that
fella's site is hacked and someone is using his url for
dastardly deeds. I am not at all savvy about how these things
work, but I thought it curious.<br>
</div>
<div class="gmail_default" style="font-family:tahoma,sans-serif"><br>
</div>
<div>
<div dir="ltr" class="gmail_signature"
data-smartmail="gmail_signature">
<div dir="ltr">
<div>Thanks,<br>
<br>
Ron Singh<br>
<br>
</div>
</div>
</div>
</div>
<br>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Sun, Dec 29, 2019 at 12:06
PM Khalid Baheyeldin <<a href="mailto:kb@2bits.com"
moz-do-not-send="true">kb@2bits.com</a>> wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="ltr">
<div>Here is an example from the scary internet ... <br>
</div>
<div><br>
</div>
<div>From today's logs of a server I manage (via logwatch):</div>
<div><br>
</div>
<div> Failed logins from:<br>
<a href="http://92.246.17.5" target="_blank"
moz-do-not-send="true">92.246.17.5</a>: 1 time<br>
95.88.219.197 (<a
href="http://ip5f58dbc5.dynamic.kabel-deutschland.de"
target="_blank" moz-do-not-send="true">ip5f58dbc5.dynamic.kabel-deutschland.de</a>):
1 time<br>
153.126.166.203 (<a
href="http://ik1-319-19699.vs.sakura.ne.jp"
target="_blank" moz-do-not-send="true">ik1-319-19699.vs.sakura.ne.jp</a>):
1 time<br>
<br>
Illegal users from:<br>
undef: 3 times<br>
<a href="http://12.22.203.226" target="_blank"
moz-do-not-send="true">12.22.203.226</a>: 1 time<br>
63.142.97.181 (<a
href="http://63-142-97-63-142-97-181.cpe.sparklight.net"
target="_blank" moz-do-not-send="true">63-142-97-63-142-97-181.cpe.sparklight.net</a>):
1 time<br>
<a href="http://92.246.17.5" target="_blank"
moz-do-not-send="true">92.246.17.5</a>: 2 times<br>
97.84.76.88 (<a
href="http://97-84-76-88.dhcp.snlo.ca.charter.com"
target="_blank" moz-do-not-send="true">97-84-76-88.dhcp.snlo.ca.charter.com</a>):
1 time<br>
<a href="http://115.160.163.195" target="_blank"
moz-do-not-send="true">115.160.163.195</a>: 2 times<br>
142.4.208.131 (<a
href="http://ns502558.ip-142-4-208.net" target="_blank"
moz-do-not-send="true">ns502558.ip-142-4-208.net</a>): 1
time<br>
153.126.141.19 (<a
href="http://ik1-306-13265.vs.sakura.ne.jp"
target="_blank" moz-do-not-send="true">ik1-306-13265.vs.sakura.ne.jp</a>):
1 time</div>
<div><br>
</div>
<div>These are all ssh login attempts from various IP
addresses.</div>
<div><br>
</div>
</div>
_______________________________________________<br>
kwlug-disc mailing list<br>
<a href="mailto:kwlug-disc@kwlug.org" target="_blank"
moz-do-not-send="true">kwlug-disc@kwlug.org</a><br>
<a
href="http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org"
rel="noreferrer" target="_blank" moz-do-not-send="true">http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org</a><br>
</blockquote>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
kwlug-disc mailing list
<a class="moz-txt-link-abbreviated" href="mailto:kwlug-disc@kwlug.org">kwlug-disc@kwlug.org</a>
<a class="moz-txt-link-freetext" href="http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org">http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org</a>
</pre>
</blockquote>
<div class="moz-signature">-- <br>
Mikalai Birukou <br>
CEO | 3NSoft Inc.</div>
</body>
</html>