> From: Matthew Gillen
> To: disc...@blu.org
I use the rule that only "user" accounts, not accounts installed by the
distribution or software packages can be logged in via ssh. That means
that an effective attacker must know *something* about my particular
setup to have any hope of logging in.
The weekly Mass Mesh tech meeting is tonight, 7-9pm. As you would expect with
the COVID-19 pandemic still very active, we will be meeting online at:
https://jitsi.massmesh.net/massmesh
--
You may remember them from the times they spoke at BLU... They meet ev
I recently noticed that the Fail2Ban project is almost dead. The
homepage hasn't been updated since 2016 [1] But then I noticed that
there *is* activity on GitHub, and there is actually a new major
version out (with backward compatibility). Still, there are a large
number of pull requests, and a la
On Tue, 22 Dec 2020 09:40:31 -0500
Matthew Gillen wrote:
> "username" "number of failed logins"
> root 4328
Only ~4K root login attempts. My peak at LNS was around 20K before I
deployed denyhosts and later fail2ban.
> is why it can be a good idea to set the "PermitRootLogin no" option in
> you
Since we were talking about services globally accessible recently, just
wanted to share a public service announcement. Below is a pretty
typical /daily/ count of failed logins on a publicly accessible ssh
server under my purview. Seeing as how root has 10 times the hits of
the next biggest target
