43
gitpush
7y

For fucks sack I just created my server and fail2ban already blocked 6 IP addresses dafuq is going on on the internet 😓

Comments
  • 0
    @FrodoSwaggins I sure will do this when I get home don't want to wake up on a hacked server :/

    But doesn't those failed attempts effect server? I mean doesn't it use it's resources even for fraction of a second?
  • 6
    Once i was modding a Wii u console and enabled an ftp server to mess with system files, this console was in the DMZ for online play. As soon as i enabled the ftp server i started to see a lot of connections on the log i quickly closed it and disabled dmz. Later from pc i saw someone uploaded a lot of linux executables with different names in every folder. A lot of those files are probably still there because i don't know which are system files and which aren't.
  • 4
    Port-knocking is still a favorite of mine.
  • 4
    @exelix Wii modding is great
  • 2
    Ditto to above you want to see some logs I have miles of them. What I find interesting is 70% resolved addresses in those belong to China and Korea.
  • 1
    @Root port nockig as in scanning which open ports target has?

    Everyone else, what do you think about this attached image?
    #1 is ufw and #2 is fstab

    (Image in next comment)

    Link:https://thefanclub.co.za/how-to/...

    Are they recommended or do I look for something else?
    @FrodoSwaggins @Artemix @exelix @ewpratten @mbj047
  • 3
    Attached
  • 1
    @gitpush Port knocking as in: you make a request to the server at port 98765, and the server opens sshd on port 3456.

    You do a secret knock, the server opens a hidden door. That way, the door isn't always visible. (Still requires keys as usual, ofc.)
  • 2
    @gitpush I believe all the steps will work. Make sure to change SSH port! That's the first thing you should do.
  • 1
    @Root thanks I'll read more about it 😀😀
    @uziiuzair thanks man I'll also start checking them, hope I don't get stuck somewhere 😅
  • 2
    @Root thank you, port knocking up and running. Learning something new everyday day 😀
  • 1
    @gitpush 😄
  • 1
    Commenting because I'm such a noob at this and want to learn more. Looking forward to new comments and suggestions for system security tightening.
  • 0
    @julianmd start by applying what's in my comment where image is attached, the one before it has the website link, for now I do fail2ban, and port knocking,this weekend will continue for the rest
  • 1
    @gitpush I'm making a security to-do list and checking it twice, I'll be always checking which port has been naughty or nice - LET'S ENCRYPT IS COMIIIIING TO HOST!
  • 0
    @julianmd oh I set it up with nginx it is so damn amazing, I used their docker for easy configuration it is just few commands and all is set up.
    Can you share your security list if it's ok with you?
  • 1
    @gitpush Sure thing, bro!
    • 4096-bit private/public keys for auth through SSH (I still need to disable root SSH and change the default port)
    • Password protect all the tools I use using their built-in password auth scheme
    • Future Let's Encrypt once I buy a real domain (I'm using a free one that my ISP offers, but I can't get Let's Encrypt to deploy on that for some reason)
    • Basic ufw rules and iptables fail2ban-like config
    • Future fail2ban deployment
    That's about it, I'm still learning a lot about different ways to secure the server and trying to pick the best for me. I only use my server for file storage/backups, sometimes VPN when Mom needs to use some apps on it, Plex and as an overall learning tool. It's just my old PC with Ubuntu server on it, nothing fancy. Core 2 Duo @ 1.86 GHz and 6 GB of RAM.
  • 0
    @julianmd great thanks man 😀😀
  • 1
    Cheers. On the train right now, going to visit the folks before starting work on Monday. ðŸ»
  • 0
    @julianmd enjoy 😀😀
Add Comment