So on Friday 14th all hell broke loose due to my server being attacked. This in turn took down every site attached to it (around 15-20), a couple gameservers and a voice chat server.
At 21:03, I receive this email:
Please stop this or your server will be disconnected.
“List of attacks to other server.”
I probably don’t need to explain that this was sent approximately 1 minute before they acted on their word and disconnected the server. The Laughing Wolf was offline.
I didn’t receive this email until I got everything back online at around 03:20 the next morning. Based on the information received from the datacenter and from the logs on the server, my machine was an unwitting accomplice in a DDoS (Distributed Denial of Service) to some company in the States (sorry America, I didn’t know I promise).
Now, techy and geeky as I am, my Linux skills are just about on a par with my underwater basket weaving skills. Basically, after I thought it would be a great idea to get my own server and install Linux on it, I then realised I had to get the thing configured. I managed this with a little help from people on the net, Google and a whole lot of luck. As a result, when the box was up and working, I was terrified to change anything in case it didn’t work again.
I therefore subscribed to the mantra “If it ain’t broke, don’t fix it”.
Now, whilst this may work for your TV that you have to tape the power button down on, unfortunately, even the most technically naive soul will be able to tell you that security updates to software happen for a reason…
So anyway, after about 6 hours of work, trawling through logs and files that, frankly, I have no real understanding of, I start to see a pattern of new users, groups and services running on the server. I duly remove these and a weary Laughing Wolf limps back onto the interweb.
A day goes by and all appears well. Another day passes and I am feeling pretty confident. By Tuesday morning, the server is still up, I check my email, pat myself on the back and head to work as normal.
Arriving at work, I quickly check my email again… no response, server down. Bollocks.
A quick call to the server host confirms that the attack started up again.
So, to cut a long story slightly less long, I spent Tuesday night after work until Wednesday morning at 05:30 rebuilding the thing from scratch with a completely new (and up to date) operating system, with all new (and up to date) software.
Just in time to start painting my apartment for the impending move.
- Was I semi-useless – Yes
- Am I glad that I had 2 friends to pick up the slack – Yes
- Is my apartment now a pearly, blinding white – Yes
I better get going as there is more painting to be done. More stories from my past soon and I may even have something mildly amusing.