Hmmm... Home server is getting hit by a very aggressive SSH botnet right now.

The interesting thing is, this is coming mostly from the USA, especially DigitalOcean and CenturyLink, and not from China, as I got used to before.

Kind of unusual, really.

I always have a good laugh at these shitty bots. Trying "root" and "admin" (and many permutations thereof) is not going to get you anywhere, except in my '/etc/hosts.deny'.

@ParadeGrotesque So much effort when you could just ignore it entirely or change the port ;)


@js @ParadeGrotesque I’ve changed the port and they still eventually find it. I just ignore it. Even if they knew my root password they couldn’t log in.
What OS made in the last decade actually allows remote root logins?

@junkman @js

A simple nmap scan will let you find the open SSH port. Moving from 22 to something else protects you for about 10 minutes.

And, yes, setting 'RootLogin' to 'no' should be SSH configuration 101.

@ParadeGrotesque @junkman Protected me from log spam for 15 years now 🤷‍♂️. Maybe pick a better port?

@junkman @ParadeGrotesque Hmm, I never notice anything in the logs with the port I’ve chosen.

