First Snowfall

Fall is all but over, and with Thanksgiving, winter takes over. We had our first real snowfall today. Started out as rain in the morning, then by noon had turned to snow up here.

20141126120516

The kids only had a half-day, so Joyce was home for the day, just stepping out before things got too heavy. I was at work until John let us go just before 2PM. While it was raining where I work in Woburn, the rain had turned to fat snowflakes by the time I got to the ‘128 / Rt 3 interchange, and then wet, heavy snow by the time I got home.

20141126150658_135

It has since tapered off. The plows have been by a couple of times, although it looks like we only got a few inches. Weather forecasters were predicting six inches or more, so we’re happy with the few we got.

I hear you knocking but you can’t come in…

Dad?

Yes, George, what is it?

I want to run a Minecraft server on my PC for my friends to log on and play Minecraft with me.

George, do you understand that doing that would require opening up access to your computer from the outside world?

Nobody’s going to notice our system unless we tell them.

Do you really think so?  How long do you think it will take before someone other than your friends notice the computer is available from the outside and start trying to break in to your PC server?

DAAAAAD! Nobody is ever going to notice!


Mar 29 00:08:59 UnixBSD sshd[58823]: input_userauth_request: invalid user shoutcast
Mar 29 00:09:00 UnixBSD sshd[58825]: input_userauth_request: invalid user svn
Mar 29 00:09:02 UnixBSD sshd[58827]: input_userauth_request: invalid user zabbix
Mar 29 00:09:03 UnixBSD sshd[58829]: input_userauth_request: invalid user oracle
Mar 29 00:09:04 UnixBSD sshd[58831]: input_userauth_request: invalid user nagios


Actually, it took about 15 minutes. Since opening up the login port to the outside world on the FreeBSD box at the end of March, we have recorded 76,168 separate (failed) login attempts onto our server. This does not include the nearly 40,000 separate (failed) login attempts onto the WordPress platform also running on this platform.

So who’s so interested in getting onto our system?  Although they don’t use their real name, here are the most popular names, in order of #2 through #24:

Name Attempts Name Attempts
admin 1,336 test 1,256
oracle 801 guest 661
nagios 608 postgres 426
ftpuser 356 zabbix 303
user 285 support 234
web 197 apache 195
ftp 180 git 173
ubnt 160 www-data 152
info 137 PlcmSpIp 136
ubuntu 131 a 130
jboss 128 tomcat 121
webmaster 117 student 116

And what is the most popular name to try to log in as? The big winner is “root”, with 44,428 attempts between March 29th and November 20th.

Since opening up this box to the outside world, I’ve been quite happy with the security it has shown, given a ‘little’ care in setting everything up. I actually look forward to seeing what entertaining names people try to use in logging in. I’ve also learned that if you’re going to allow access from the outside world, there are certain names which you should not use, such as ‘root’ for your system administrator or ‘superuser’ account.  So far, I’ve gathered 6,758 different names people (or more likely, automated programs) have used to try to gain access to our system.

And, yes, George did get his Minecraft server installed and made available to his friends, even though the name ‘minecraft’ was tried as a login name 62 times since last spring.

Kite flying with friends

George celebrated his birthday today with his friends. Rather than have a party, George decided he really wanted to invite some of his friends for an afternoon flying kites at the beach. Joyce gathered them all into the van, and off they went. Afterwards, they all came back here for a pasta dinner, cake, ice cream and movies for an evening ‘sleep over’.

George has good friends.

Upgrades and Downgrades

Gave up on upgrading the Gnome desktop environment, after it appeared to have broke the apache web server and associated components of WordPress. Had to strip out all of Gnome and all the components that appeared to be associated, and then rebuilt the server platform. After a few last glitches, it appears that all is running again. I will have to think about reinstalling any desktop environment.

Many thanks to ‘iceflatline’ (http://www.iceflatline.com/2011/11/how-to-install-apache-mysql-php-and-phpmyadmin-on-freebsd/) for his write-up on putting this all together.