[arm-allstar] SSHD attacks
stanley stanukinos
ka5iid at swbell.net
Sat Jan 9 10:33:27 EST 2021
Do the extra work and set it to drop ranges of the offending IP’s. It will take some work to set up but once done they try and attack you but your Pie drops the packets and sends them no response.
With no response to the probes they normally go away.
China, India, Iran, Russia, and others are big hosts to these Xxxxxxx’s. Just look at the CIDR blocks when you see them in your logs.
Stan
Sent from my iPhone
> On Jan 9, 2021, at 9:23 AM, Bryan St Clair via ARM-allstar <arm-allstar at hamvoip.org> wrote:
>
> I use iptables and set up rules to block any ip after 3 attempts in 10 mins.
>
> Easy, low resources.
>
>> On Sat, Jan 9, 2021, 06:58 "Brad Trogdon via ARM-allstar" <
>> arm-allstar at hamvoip.org> wrote:
>>
>> Howdy all, Looking through the threads I don't see a direct answer.
>>
>> I am getting pounded by login attempts and have turned off the port. My
>> question is should I set up fail2ban or Sshguard to discourage open
>> hammering? Is there anything included in the HamVoIP image that I could
>> take advantage of?
>>
>> -Brad W4INT
>> _______________________________________________
>>
>> ARM-allstar mailing list
>> ARM-allstar at hamvoip.org
>> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
>>
>> Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
>>
> _______________________________________________
>
> ARM-allstar mailing list
> ARM-allstar at hamvoip.org
> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
>
> Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
More information about the ARM-allstar
mailing list