Hi, On Wed, Feb 15, 2023 at 05:43:12PM +0100, Jan Just Keijser wrote: > Having port 22 open on the internet is asking for bots & script kiddies > to try and break in, but usually fail2ban takes care of it quite nicely.
Unfortunately, the botnets have become smarter. We observe that we're
only seeing 2-3 password attempts per source IP, and then a new bot
comes testing (and this one moves on to the next server) - so fail2ban
does not kick in as often as it should be.
So, whatever you do: do not allow password auth on a "internet reachable"
sshd...
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany [email protected]
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-users
