>be me
>own a vps
>haven't used it for a month
>login today
>some chink has been trying to log in 300+ times
>what do?
Help me Jow Forums
Joseph Stewart
Other urls found in this thread:
github.com
twitter.com
Luis Long
move ssh to random port, that cut ssh login attempts at mine to 0.
Colton Rivera
Hack into his mainframe with an OBD Zer0-day exploit and flush his memram via Skepter.
Nathan Gonzalez
range ban china and russia
Aiden Wright
sounds legit anons, im a brainlet how do I do this
Joshua Perry
idk google it lmoa
Dylan Rogers
/etc/ssh/sshd_config and google
but to answer your original question; nothing, as long as your setup is decent. use pubkeys, don't have a shit config, voila. changing the port isn't real security but will keep bot spam to a minimum
Michael Parker
alright thanks user, is it usual for people to attempt hacking into servers? There's literally only minecraft on this vps
Hunter Stewart
Use a really long password. Hide it in a text file somewhere if you can't be assed to remember it.
Grayson Jackson
ask your vps provider why the fuck they didn't informed you about it
Thomas Gomez
I'll do this too, thanks for the advice!
Asher James
Are they supposed to notify me on email or something?
Ryder Mitchell
yes a lot of chinese/russian hackers have a botnet constantly trying to brute force almost every server with port 22 open
Jonathan Cox
first day on the internet?
Hunter Powell
It is 100% usual and expected. Welcome to the Internet.
Juan Perez
That's normal. The minute i took my Server online, when it was only an anonymous ssh server with nothing else on it, I could already see the ssh log filling with chink IPs trying to guess common usernames / passwords (minecraftserver, admin, letmein, user teamspeak) etc.
Won't do them any good unless they guess my 2048 byte ssh key since passwords are disabled, but they won't give up. Ever.
Just accept it, make sure your security is good and be glad.
Nathaniel Long
Terrible advice. If you want to use a long password and have it so long that you need to store it in a file anyway, turn off password authentication and use pubkey authentication only. And make sure you set a password on the private key so it's worthless even if it's stolen from your hard disk.
Chinks MIGHT brute force some 12 character password (though it's extremely unlikely), but they will NEVER guess a 2048 byte key.
Samuel Clark
Happened to me once.
That chink fucker should have known better than to use an infected win2k server.
Samuel Hall
op install fail2ban but be careful not to b& yourself(it happens sometimes) set to like 3 times and walk away
also install sshield
github.com
thank me later.
Juan Lopez
this and disable root acces, change the default password they sent you, create a new login with a decent pass and maybe fail2ban?
Cameron Diaz
fail2ban
Elijah Hughes
>move ssh to random port
We fire people who do this immediately. obscurity != security
Jack Sanchez
He's hosting a game server you freak
Aiden Flores
I will check it out user thanks
I'll make sure to disable root acces, provider uses a random passwd gen
Will install it
this
Asher Taylor
>some chink has been trying to log in 300+ times
Whoa! It's fucking nothing. It's called internet background noise, and every single server has people trying to log in. You're not being targeted, it's bots "just trying". Set-up SSH keys, disable logging in as root and secure your stuff.
Owen Hall
>Are they supposed to notify me on email or something?
No, they aren't. It's your server and normally there would be tens of IPs trying to access SSH on it daily, which would mean constant notifications from your hosting provider.
Want security? Use keys and disable password authentication; configure fail2ban with the SSH jail; enable automatic updates.
Gavin Lee
Yea user, thanks, I didn't know and panicked so I asked
gotcha