On Sun, Oct 09, 2022 at 08:28:04AM +0200, Martin Husemann wrote:
> first and obvious thing you should make sure is that sshd is configured
> to not accept any kind of password based authentication
Absolutely. It's like that already.
Besides that, there is blacklistd.
--
Mayuresh
On Sat, Oct 08, 2022 at 09:40:48AM +0200, Michael van Elst wrote:
> No idea what kind of protection Hetzner is offering. But such attacks
> rarely qualify as DDOS, it's usually a single bot that does rapid login
> attempts. Sometimes you have several concurrent independent attacks.
I have not
On Fri, Oct 7, 2022 at 7:22 PM Mayuresh wrote:
>
> On Fri, Oct 07, 2022 at 02:14:09PM -, Michael van Elst wrote:
> > Someone is brute-forcing your account passwords.
>
> Thanks. I think blacklistd is protecting me.
>
> But doesn't this qualify as a DDOS attack? The VPS provider (Hetzner)
>
On Sat, Oct 08, 2022 at 07:51:48AM +0530, Mayuresh wrote:
> On Fri, Oct 07, 2022 at 02:14:09PM -, Michael van Elst wrote:
> > Someone is brute-forcing your account passwords.
>
> Thanks. I think blacklistd is protecting me.
>
> But doesn't this qualify as a DDOS attack? The VPS provider
On Fri, Oct 07, 2022 at 02:14:09PM -, Michael van Elst wrote:
> Someone is brute-forcing your account passwords.
Thanks. I think blacklistd is protecting me.
But doesn't this qualify as a DDOS attack? The VPS provider (Hetzner)
claims to provide DDOS protection. Shouldn't it have triggered
Michael van Elst wrote in
:
|mayur...@acm.org (Mayuresh) writes:
|
|>On NetBSD 9.2 amd64 VPS I noticed system slowness and top showed too many
|>ssh processes - 49 to be precise.
|
|>I have blacklistd enabled and approximately in every 2 to 3 minutes a new
|>IP address is getting blocked.
mayur...@acm.org (Mayuresh) writes:
>On NetBSD 9.2 amd64 VPS I noticed system slowness and top showed too many
>ssh processes - 49 to be precise.
>I have blacklistd enabled and approximately in every 2 to 3 minutes a new
>IP address is getting blocked.
>Using console access I stopped ssh
On Fri, Oct 07, 2022 at 07:09:51PM +0530, Mayuresh wrote:
> What explains the count of these processes and what precautions shall I be
> taking?
A related question. In ps I see a field such as [accepted] [net] [priv].
What is their meaning / where can I find their documentation?
--
Mayuresh
On NetBSD 9.2 amd64 VPS I noticed system slowness and top showed too many
ssh processes - 49 to be precise.
I have blacklistd enabled and approximately in every 2 to 3 minutes a new
IP address is getting blocked.
Using console access I stopped ssh service, killed sshd processes and
restarted. As