Possibly not blogworthy, but: One puzzling side effect of running greytrapping (as chronicled in https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html) is seeing the uptick in password guessing using even the obviously generated gibberish local parts, and the sheer volume of tries (see https://nxdomain.no/~peter/should_i_stop_caring_and_let_ip_reputation_sort_them_out.html and links therein). #greytrapping #passwordguessing #passwordgroping #spamd #ssh #pop3gropers
Stefano Marinelli
boosted
Hm. Over at the facesite I commented on a post about #bruteforce attacks on a commercial network product with a link to https://nxdomain.no/~peter/badness_enumerated_by_robots.html, and got a followup asking whether I have bruteforce protection "in front of" my ssh servers.
And this only hours after I scared the cat by LOL from seeing that the #pop3gropers are actively trying the local parts of my freshly random spamtraps (see https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html a bit down the page). #passwordgroping #cybercrime
Hm. Over at the facesite I commented on a post about #bruteforce attacks on a commercial network product with a link to https://nxdomain.no/~peter/badness_enumerated_by_robots.html, and got a followup asking whether I have bruteforce protection "in front of" my ssh servers.
And this only hours after I scared the cat by LOL from seeing that the #pop3gropers are actively trying the local parts of my freshly random spamtraps (see https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html a bit down the page). #passwordgroping #cybercrime
Stefano Marinelli
boosted
The long version of why you need key authentication for your SSH servers - "The Hail Mary Cloud and the lessons learned" https://nxdomain.no/~peter/hailmary_lessons_learned.html #ssh #passwordgroping #unix #linux #openbsd #freebsd #pf #packetfilter
Also The 4th edition of the Book of PF is coming soon: https://nxdomain.no/~peter/yes_the_book_of_pf_4th_ed_is_coming.html
The long version of why you need key authentication for your SSH servers - "The Hail Mary Cloud and the lessons learned" https://nxdomain.no/~peter/hailmary_lessons_learned.html #ssh #passwordgroping #unix #linux #openbsd #freebsd #pf #packetfilter
Also The 4th edition of the Book of PF is coming soon: https://nxdomain.no/~peter/yes_the_book_of_pf_4th_ed_is_coming.html
Stefano Marinelli
boosted
Happy "Logging in as users -, [ and $ day" to all who celebrate:
Jul 19 02:02:12 portal sshd-session[88959]: Failed password for invalid user - from 152.42.130.79 port 33738 ssh2
Jul 19 03:00:14 portal sshd-session[79691]: Failed password for invalid user [ from 152.42.130.79 port 41708 ssh2
Jul 19 03:58:56 portal sshd-session[6194]: Failed password for invalid user $ from 152.42.130.79 port 55398 ssh2
#ssh #passwordgroping #security #passwords #cybercrime #botnet
Happy "Logging in as users -, [ and $ day" to all who celebrate:
Jul 19 02:02:12 portal sshd-session[88959]: Failed password for invalid user - from 152.42.130.79 port 33738 ssh2
Jul 19 03:00:14 portal sshd-session[79691]: Failed password for invalid user [ from 152.42.130.79 port 41708 ssh2
Jul 19 03:58:56 portal sshd-session[6194]: Failed password for invalid user $ from 152.42.130.79 port 55398 ssh2
#ssh #passwordgroping #security #passwords #cybercrime #botnet