SSH-eesh

in #linux • 2 days ago

This is getting out of hand

I know that security is something to take seriously, and I often try to do my best at keeping things safe. Are there things I could do better? Sure. But even the most minimal setup can sometimes spare you a lot of headache down the road.

One of the best things you can do after setting up a Linux server is install and configure fail2ban.

That's a lot of attempts!

I recommend at least turning on the ssh filter in your jail.local:

[DEFAULT]
ignoreip = 127.0.0.1/8 ::1 192.168.1.1/24
bantime = 1h
bantime.increment = true
bantime.factor = 2
findtime = 10m
maxretry = 3

[sshd]
enabled = true

Give them 3 tries to log in and ban them for an hour, then exponentially double it if they keep at it.

Also don't forget to enable any other services you might have open as well; the sample that comes with fail2ban has a good number of services you can turn on.

Turn it on:

sudo systemctl enable fail2ban.service --now

Who's doing this?

What did I ever do to you China?

I'm pretty sure a lot of it is botnets; I've seen almost that entire IP block in my logs at one time or another.

Does anyone find this kind of thing useful?

I'll do more of these simple P.S.A.s if people seem interested. I'm still trying to find my footing on writing. I just happened to be doing my daily stuff and saw that log and thought it was a bit much. I can't even imagine what my logs would look like if I didn't turn that stuff on.


Finding your content via @ecoinstant ...

"... if people seem interested."

... I certainly find it interesting!

China. Wow, if you had given us all one guess, what % of your respondents would've guessed this country? Along with their puppet North Korea, it is very sad the damage caused by these 2 countries' relentless cyber warfare ...

With a family member at a global level of responsibility for cyber security, in their position inside a global giant, as much as they can share and remain in compliance with their confidentiality agreements, we hear about China a lot ...


What is your view of using Linux vs. Microsoft's Windows 11 Professional OS? With the coming of embedded AI (whether we think we've opted out or not), I have read in other places about the value of Linux to protect oneself, but ... Seems the learning curve is awful steep!

I don't know about my respondents, but I'm not surprised personally. I see a lot of places like The Netherlands, and other European countries, but I'm fairly certain that's just North Korea or China behind a VPN. I do on occasion see Russia or previous Soviet Union areas, but nothing like the CN bots.

"What is your view of using Linux vs. Microsoft's Windows 11 Professional OS? With the coming of embedded AI (whether we think we've opted out or not), I have read in other places about the value of Linux to protect oneself, but ... Seems the learning curve is awful steep!"

I honestly can't answer that question. I've been a 100% Linux user since the mid 90s, other than what little I use the computer at work, and the time I worked at a computer store fixing PCs (99% virus removal, XP days).

re: AI, I'm a big fan of AI. If it's actually embedded and the data doesn't go anywhere (yeah, right), I don't see any issue; it's the willingly handing over personal information that I have an issue with.

re: Learning curve, it is, not going to lie. They have been moving the bar to "more friendly for new people" in the last few years, and I have been able to play games with little to no issue (which was a huge pain point a few years ago), so I would say it's progress, but they really need to look at Apple to get the right idea. It's Unix based too, and a LOT of their users are pretty oblivious to that fact, and it is user friendly.

Thanks @ecoinstant, keep bringing them to me :)

Very good. Thank you for your comprehensive response (my upvotes are meaningless or I would provide a big one).

"... and the data doesn't go anywhere (yeah, right) ..."

"... it's the willingly handing over personal information ..."

Exactly. While making no claim to being an AI expert, it is inconceivable to me that a legitimate claim could be made that your data does not go anywhere.

Leaving us with the all-important question of whether or not we can / should trust:

  1. That the poor end user can even find the setting where we are supposedly given the freedom to opt out.

  2. That "Opt Out" is actually a valid ... "option" ... Which begs the question? Why don't the Googles of the world make this controversial decision an OPT IN decision instead?

  3. That there is anyone capable of performing an ... "objective, unbiased" ... audit confirming there is true compliance with anyone choosing to ... "opt out" ...

Anyway, on we go. Thank you for the details re: Linux and confirming any switch over to that OS would not be a "faint of heart" exercise. I wish it wasn't needed ...

I find it interesting for sure.