Transcript from the "Read Auth.log" Lesson
>> Jem Young: And if you wanna see who, what type of,
>> Jem Young: Who allows hackers to exist, right? It's the internet, there are certain rules we follow. If I type in all caps, that means I'm yelling, if I do a /s, that means sarcasm. We all know these rules. So why are people always trying to break into my server?
[00:00:19] Or, where are they coming from? And attackers predominantly come from a few places in the world, where just these things are looks as it's okay if you do this. If you wanna see that, we can check our auth.log like we usually do. I pulled mine, and I just pulled a random IP address from there.
[00:00:38] And I'm gonna use the MaxMind GeoIP database. And it tells me that the attackers came from Singapore in China. And predominantly, this has nothing to do with the culture of the countries or anything like that. But a lot of attacks tend to come from Russia and Asia and the United States.
>> Jem Young: I just find it's interesting sometimes, where like, how do they even find me? Sometimes I'll see some from North Korea, which is like, what? [LAUGH] Okay, what do they care about me? But if you're curious, you can go to maxmind.com/en/geoip-demo, and then pull just a random IP from your from your auth.log.
[00:01:16] And just see where these attacks are coming from in the world.
>> Jem Young: Honestly, I think it's pretty brazen that they're not even gonna hide their IP address because they know nothing's going to be done about it. I can report them to the Singapore government, and they'll be like, yeah, we'll look into that.
[00:01:30] No, they won't.
>> Jem Young: But seems like an interesting country. Just let me know, like Tanzania, or something. Cuz that would be a new one, that would be cool.