This sounds like a challenge. Does the winner get a bottle of scotch?
:)
edit: actually, yes, the winner would get a bottle of scotch. I have had people that I know and trust, with my permission, attempt to gain external access to it, without success. Not claiming I'm any sort of netsec wizard, just that I have a layered defense of most common security precautions for anything that has a public static IP address these days. Nobody has been successful yet. It could theoretically be brought down by:
a) social engineering the ISP it's hosted at (unlikely, they know me, I know them)
b) physical removal (its reverse DNS gives no indication of where it's physically located other than within a major metro area, could be at one of about twenty different datacenters. all of which have reasonably good physical security in place).
c) false legal claims causing some legal authority to bring it down, theoretically possible, but unlikely given the strong EFF/ACLU supporting political stance of the owners of the ISP it's hosted at. They would fight anything short of a court order that they could be held in contempt of.
d) Extensive sustained DDoS. I don't have any enemies that would be interested in wasting a DDoS on this, but its upstreams have a LOT of extra peering and transit capacity to absorb DDoS up to the 150Gbps range.
e) hardware failure, it's not perfectly 1+1 redundant in everything. but I have backups of every VM that can be brought up fairly quickly on a temporary dedicated server in a new, different, geographically diverse location fairly quickly.
f) some terrible unknown zero day exploit on one of the few daemons that listens to the public interface, through which some method of accomplishing a user and then su/sudo root shell might be possible.
