Multiple login attempts from Chinese IPv4 every minute, how can it be cost-effective to operate these bots? Who leaves valuable things vulnerable to password bots in 2017? Pic related.
I don't understand. What is happening?
This is from the auth log of my server, which hosts no publicly available things and has no real traffic. It gets thousands of failed login attempts from Chinese IP addresses every day.
>be chink teen
>use elders wifi to bruteforce burgerland retards
>applesauce123, lovechad2017, mydogsnameijustpastedonfacebook
>?????
>pRoFiT
>notcost efficient
lol brainlet
>>59377080
>how can it be cost-effective to operate these bots?
Botnets are free for the owner
>>59377080
>how can it be cost-effective
Botnets are cheap. Like, really cheap. Like, "Here's some pocket change quarters for years of compute time" cheap.
>>59377306
Wow, I didn't realize it was that inexpensive. Thanks for the perspective, I'm still baffled by the number of login attempts from one city though.
>rename root to moot
problem solved
Just install fail2ban, disable root login from SSH and consider using key based authentication
>>59377473
who the fuck is moot?
>>59377080
>What is fail2ban.
>>59377831
is there a way to make fail2ban or equivalent not wait for three failures if someone tries "root" as the username? If you have root login disabled anyone trying to log in as that can be assumed to be malicious and booted immediately.
>>59377856
Don't say the Lord's name in vain.
>>59377080
Order expensive things from gearbest and do a chargeback with your credit card company. They speak such bad English they can't even dispute it. Fuck chinks.
>>59377080
Change your SSH port and enable public key only authentication, retard.
I changed to port <secret> on my ssh just because of this.
They say security through obscurity is a bad idea, I say, port knocking gets rid of literally every single bot on the internet.
>>59377856
Hes that guy that went nuts and killed a bunch of niggers.
>>59377115
make sure to ALWAYS disable root ssh access... make an account named "faggot" and login via that.. then once logged in switch to root account...
How many IP addresses are there? I'd guess about 15 million give or take. I'd say there are many machines going around trying to bruteforce ssh into the root accounts of the 15 million IP's that exist.
>>59379122
>Change your SSH port
also run a tarpitting fake sshd on the default port