Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
Well if you login one day and don't see lots of them you can safely assume the box has been rooted :D
-
@daarkfall password login is disabled anyway... I changed the sshd to something not standard and the spam went away. I guess those bots don't try too hard.
-
@dovipas certainly from my experience they never do they just scan 22, 80 and 8080 if anything is open they try some basic stuff which when it fails they go away. If it makes you feel better there are various sites with Russian / Chinese IP blocks which you can setup IP tables to ignore completely
-
Yeah i turned off email cause i was getting a steady stream all day long. Then i put fail2ban on the fail2ban logs to create a permaban
-
@dovipas yeah alot of fail2ban vetrans set that up though. Generally the rule on fail2ban is if you got an ip address in logs use me.
-
sudoguy5938yI can relate to this. These are emails from my script which runs on my home router. I give normally 20 bans a day.
Me 12 hours ago: looks like a good idea to get emailed if somebody tries to break into my new server.
Me now:
undefined