This server got hacked. It was used as a scanner for a couple days, attempting to break into other servers to test for vulnerabilities. I only discovered this because I attempted to access this server by the .onion domain that I have for it and it didn’t connect.
I’ve had a home server hacked before due to a user account that I set up for my son with “an easy” password. I thought I learned that lesson. Apparently I did not with the server I have exposed to the interwebs.
Time to forensically break down the timeline of events.