Hm. Over at the facesite I commented on a post about #bruteforce attacks on a commercial network product with a link to https://nxdomain.no/~peter/badness_enumerated_by_robots.html, and got a followup asking whether I have bruteforce protection "in front of" my ssh servers.

And this only hours after I scared the cat by LOL from seeing that the #pop3gropers are actively trying the local parts of my freshly random spamtraps (see https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html a bit down the page). #passwordgroping #cybercrime

Hm. Over at the facesite I commented on a post about #bruteforce attacks on a commercial network product with a link to https://nxdomain.no/~peter/badness_enumerated_by_robots.html, and got a followup asking whether I have bruteforce protection "in front of" my ssh servers.

And this only hours after I scared the cat by LOL from seeing that the #pop3gropers are actively trying the local parts of my freshly random spamtraps (see https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html a bit down the page). #passwordgroping #cybercrime

The long version of why you need key authentication for your SSH servers - "The Hail Mary Cloud and the lessons learned" https://nxdomain.no/~peter/hailmary_lessons_learned.html #ssh #passwordgroping #unix #linux #openbsd #freebsd #pf #packetfilter

Also The 4th edition of the Book of PF is coming soon: https://nxdomain.no/~peter/yes_the_book_of_pf_4th_ed_is_coming.html

The long version of why you need key authentication for your SSH servers - "The Hail Mary Cloud and the lessons learned" https://nxdomain.no/~peter/hailmary_lessons_learned.html #ssh #passwordgroping #unix #linux #openbsd #freebsd #pf #packetfilter

Also The 4th edition of the Book of PF is coming soon: https://nxdomain.no/~peter/yes_the_book_of_pf_4th_ed_is_coming.html

Happy "Logging in as users -, [ and $ day" to all who celebrate:

Jul 19 02:02:12 portal sshd-session[88959]: Failed password for invalid user - from 152.42.130.79 port 33738 ssh2
Jul 19 03:00:14 portal sshd-session[79691]: Failed password for invalid user [ from 152.42.130.79 port 41708 ssh2
Jul 19 03:58:56 portal sshd-session[6194]: Failed password for invalid user $ from 152.42.130.79 port 55398 ssh2

#ssh #passwordgroping #security #passwords #cybercrime #botnet

Happy "Logging in as users -, [ and $ day" to all who celebrate:

Jul 19 02:02:12 portal sshd-session[88959]: Failed password for invalid user - from 152.42.130.79 port 33738 ssh2
Jul 19 03:00:14 portal sshd-session[79691]: Failed password for invalid user [ from 152.42.130.79 port 41708 ssh2
Jul 19 03:58:56 portal sshd-session[6194]: Failed password for invalid user $ from 152.42.130.79 port 55398 ssh2

#ssh #passwordgroping #security #passwords #cybercrime #botnet