Comments
-
Lennerd5905y Blocking all Chinese IP ranges does really help with this. You can easily find firewall lists online.
-
@Lennerd I'm curious. What would I Google? Only instructions come up for me how to use /etc/hosts.deny
-
Lennerd5905y I don't really know anymore; it's a long time ago when I did this on my home server, when that was still running Windows Server instead of Linux.
I guess I googled something like `Chinese ISP IP ranges` or something like that.
Then I used a PowerShell script to import it in Windows Firewall. I think you can do this in Bash and ufw or iptables too.
-
@Lennerd I'll just let fail2ban do the work for me
@alexbrooklyn I will sooner or later. I just wanted to see how bad the bots really are. And I mean wow. I honestly expected maybe a request an hour? It's closer to one every couple seconds. I was so naïve before this.
-
Lennerd5905y @AlgoRythm Since I switched to Linux I run SSH with public key authentication and Denyhosts.
-
Lennerd5905y @alexbrooklyn Nope, I will take a look at that. Then again, blocking whole countries is never a bad idea.
-
And never add a telnet server for some "important message" from your app.
I added a speaker to it and some web crawler/bot woke me up in the middle of the night.
-
pain3245y @AlgoRythm
You can get a daily blacklist (API) from https://www.abuseipdb.com/
And this shows how to create a blacklist via iptables:
https://google.com/amp/s/...
But careful, IPs might switch owners - you have to update it regularly.
-
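An added example, not part of any comment in this thread: one way to keep an iptables blocklist current, as the comment above advises, is to load each day's list into a scratch ipset and swap it over the live set, so addresses that have left the list stop being blocked. The set name `ssh_blocklist`, the helper function names and the one-entry-per-line input format are assumptions; the sample addresses are constructed from documentation ranges.

```shell
#!/bin/sh
# Added example (not from the thread): build `ipset restore` input from a
# plaintext blocklist, one IPv4 address or CIDR per line.
SET_NAME="ssh_blocklist"   # hypothetical set name

# Succeed only for a dotted-quad IPv4 address with an optional /0-32 prefix.
valid_ipv4() {
    addr=${1%%/*}
    case $1 in
        */*) prefix=${1#*/}
             case $prefix in ''|*[!0-9]*) return 1 ;; esac
             [ "${#prefix}" -le 2 ] && [ "$prefix" -le 32 ] || return 1 ;;
    esac
    case $addr in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Read the list on stdin, write the restore script on stdout. Entries go into
# a scratch set that is swapped in at the end, so addresses dropped from
# today's list stop being blocked. Bad lines are skipped, counted on stderr.
build_restore() {
    tmp="${SET_NAME}_new"; skipped=0
    echo "create $SET_NAME hash:net family inet"
    echo "create $tmp hash:net family inet"
    echo "flush $tmp"
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%%#*}                                   # drop comments
        line=$(printf '%s' "$line" | tr -d '[:space:]')    # drop blanks, CRs
        [ -n "$line" ] || continue
        if valid_ipv4 "$line"; then echo "add $tmp $line"
        else skipped=$((skipped + 1)); fi
    done
    echo "swap $tmp $SET_NAME"
    echo "destroy $tmp"
    echo "skipped $skipped invalid line(s)" >&2
}

# Constructed sample list (documentation ranges, not real indicators).
sample_list() {
    printf '%s\n' '# constructed sample' '198.51.100.7' '203.0.113.0/24' \
        '999.1.1.1' '198.51.100.7  # repeat' 'not-an-ip' '192.0.2.9/33'
}

# As root: sample_list | build_restore | ipset -exist restore
#          iptables -I INPUT -p tcp --dport 22 -m set --match-set ssh_blocklist src -j DROP
sample_list | build_restore
```

The `-exist` option lets the same script run daily without failing on the already-existing set or on repeated entries.
-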
@TheCommoner282 Thanks for sharing that. Right now my servers don't have any other non-root users or programs that require SSH connections, so I'm fine for now. I'll make sure to keep this in mind.
-
@TheCommoner282 After reading the article, I wouldn't call it "terrible" advice. I still think it's just fine to do so and avoid the bots the easy way.
-
@TheCommoner282 It ain't obscure, it's one number, chill. I just want to avoid them taking up my bandwidth and filling up my auth.log. Even with fail2ban I get 800+ failed logons/hr. It's just annoying. So far 0 on non-standard port.
It has nothing to do with security and everything to do with knowing that nobody is taking up my system resources to try.
-
@TheCommoner282 Security isn't even the concern, I know that it does not technically increase security whatsoever.
I just wanna know that those bastards don't even have the chance to try, while keeping my server open to SSH so I can fuck around with it anywhere.
It's just my home server, this isn't like a production box or anything. It has a media server and a Minecraft server running on it.
Opened up my SSH port to the internet out of curiosity on a useless box.
Wow..... so, so many requests.