ssh login attempts is working,
but I have noticed another odd thing—the large number of TCP connections in the
This is indicitive of a
but what's weird is that it's not from any one source,
but scores of sources.
And it's not enough to actually bring down my server.
I spent a few hours playing “whack-a-mole” with the attacks, blocking large address spaces from connection to my server, only to have the attack die down for about five minutes then kick back up from a score of different blocks. The only thing in common is that all the blocks seem to be from Europe.
And this is what I don't understand about this attack.
It's not large enough to bring down my server
(although I have
SYN cookies enabled and that might be keeping this at bay)
and it's from all over European IP space.
I don't get who's getting attacked here.
It could easily be spoofed packets being sent,
but what's the goal here?
It's all very weird.
I tends towards procrastination. I hate it, yet I do it. Or don't do it … depending on how you want to look at things. I don't think I can verbalize why I do it, but this video on doing that one thing pretty much sums it up, I think. Only my one thing isn't the one thing in the video.
Anyway, to stop this habit, I might have to try The 10 Minute Rule, where you give a task 10 minutes a day. Over time, it'll get done.
Perhaps I'll start tomorrow.