Thread replies: 15
Thread images: 2
Thread images: 2
File: really pepe.jpg (20KB, 306x306px) Image search:
[Google]
20KB, 306x306px
>open fail2ban.log for the first time
>hundreds of incidents daily of gooks trying to bruteforce my ssh password
>>
>>56062889
>not adding whole ipblock of China to iptables drop.
>>
honestly, what do they even gain from this
>>
>ssh password
>not key
Lmao
>>
>all servers that I manage inside network only reachable through VPN
>network admin has to deal with all this bullshit
feelsgood
>>
>>56063193
It's all automated attacks and if they succeed you just get added to a botnet to be used for spamming, DDoS attacks, proxies etc.
>>
Wtf I hate fail2ban now
>>
File: 2016-07-31-182936_455x730_scrot.png (41KB, 455x730px) Image search:
[Google]
41KB, 455x730px
>>56063299
do people really use those passwords that they try?
>>
>>56062889
and if you run a web server you will see botnets scanning for php shit that you havent even installed.
>>
>>56062889
welcome to the internet, circa 2008
where've you been
>>
>>56062889Aug 13 16:15:57 kana sshd[11294]: fatal: Unable to negotiate with <ip> port <port>: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]
Hundreds of lines of this.
There's two things in my config that give them a bad time.
Firstly, you need a recent version of OpenSSH to connect. Running old crypto? Fuck you, you're not me. And this is being very generous.# /etc/ssh/sshd_config
KexAlgorithms [email protected],diffie-hellman-group-exchange-sha256
Ciphers [email protected],[email protected],[email protected],aes256-ctr,aes192-ctr,aes128-ctr
MACs [email protected],[email protected],[email protected],[email protected],hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,[email protected]
Secondly:PasswordAuthentication no
100% keys. They will never get in. Really why would you ever use passwords.
But that's OK. They're looking for low-hanging fruit, not me, and there are, sadly, plenty of those around; you can tell because that's where all the spam comes via.
>>
>>56063736
>Really why would you ever use passwords.
they're perfectly fine so long as you use strong ones. No way they'll brute-force a 16-character random string.
>>
>>56063492
yes there are more idiots on the planet than you think
>>
>>56062889
>using passwords
>not blocking all IPs except the ranges assigned to your RIR/country
>not using port knocking
>>
>>56063879
it's completely retarded desu
Thread posts: 15
Thread images: 2
Thread images: 2