Set up my server 2 days ago and hackers already on it!! Geeeeze!! 😂😂

  • 10
    Hackers or just bots trying to get access?
  • 7
    Just a bunch of script kiddies
  • 5
    Lame wankers
  • 7
    Yeah each of my servers gets around 30K attempts per day haha.

    Welcome to this world!
  • 2
    @alexbrooklyn idk to be honest. Looked up the IP's and they came from

    -China 2x
  • 4
    I want a live view of chinese IPs scanning my server as phone background
  • 5
    @linuxxx OMG!! This is my first sever, so I was not expecting this. 30k would freak me out! 😱😱
  • 3
    I know it’s fun and all to set up your own server, but I find it’s better to just use ANY cloud provider. Cost money, but these kinds of shit are blocked automatically
  • 3
    don't sweat it, they're just bots trying to find access and setup files that you shouldn't leave like wordress setup file and so on
  • 1
    @NoToJavaScript True, though about it and u said it, the price always stop me. I've used AWS and Azure only the free tiers/trials. Maybe if my next app makes money I'll switch, but for now, have to with my server.
  • 6
    @DivSyntax I manage 20-40 servers haha. I'm used to this and have software running to mitigate automatically.

    Next to that I've got a notification System in place which notifies me when a new SSH session starts so unless someone uses a zero day RCE (Remote Code Execution) vulnerability, I'll be alerted the second someone gets in :)
  • 2
    @linuxxx Yeeeeeeah, gonna try and set this up on mines. 👍
  • 1
    Bastille or similar maybe?
  • 3
    Botnet recruiters :)

    make sure to never use default passwords [or simple ones for the matter].

    And set up your iptables/firewalld in restrictive mode.

    DO NOT allow root ssh logins unless you have a password that is so random and strong that neither dict-attacks nor bruteforce would crack them in this decade.

    As for other users - only key auth
  • 0
    @linuxxx do you have any software recommendations for logging activity such as bots/users attempting to access a server?
  • 0
    @amoux In a webserver context or?
  • 0
    @linuxxx what software do you use to mitigate it?
  • 1
    @shakur The brute force stuff? CSF (search for this as "csf firewall" since its also a medical thing 😅)
Add Comment