[arm-allstar] NOTICE for user's with public ssh on port 222
Tyler Costantini
trcostan at gmail.com
Mon Mar 6 14:59:00 EST 2023
I keep all mine behind a firewall and use a VPN to connect the system. The
public facing ports have NAT rules through the VPN to the public node. No
SSH ports facing outside.
I have a digital ocean instance running OpenVPN that all the repeater pi's
connect to and we use its static IP for outside access with some NAT rules.
No need to ask internet providers to map ports at each site.
Tyler KB0PQP
On Mon, Mar 6, 2023 at 1:13 PM Jeff Jurenka via ARM-allstar <
arm-allstar at hamvoip.org> wrote:
> Where did this part of the project get to?
>
> It seems that my private node has become all the rage in India for
> attacking. I am receiving about 600 attempts per hour right now and would
> love to have my node do actual ALLSTARLINK stuff without the overhead of
> hackers and their unaddressed dictionary attacks.
>
> Thank you
>
> Jeffrey
>
>
>
> On Sun, Apr 5, 2020 at 7:38 PM "Al Beard via ARM-allstar" <
> arm-allstar at hamvoip.org> wrote:
>
> > Hi,
> >
> > This will get you the SSHD info to check:
> >
> > journalctl _COMM=sshd -n 1000 > sshd.log
> >
> > Fedora linux uses "systemd" but still creates most of the "standard"
> > unix log files such that sys-admin's scripts will still mostly work.
> >
> > I've been using Fedora on ARM systems because they put quite an effort
> > into supporting many many boards AND I could move the root (/) filesystem
> > onto a real hard disk either USB or SATA (as in the Banana Pi) and have
> no
> > and I mean NO SD card wear out problems.
> > And, the kernel update process worked seamlessly. dnf -y upgrade
> >
> > My first Raspberry Pi version 1 with 256Mb ram would burn out an SD card
> > in a day. Thus, with SATA disks everywhere I looked for a SoC with a SATA
> > interface and found the Allwinner A20 chip on the Banana Pi board did.
> >
> > Alan VK2ZIW
> >
> > On Sun, 5 Apr 2020 17:31:47 -0700, \"Tony via ARM-allstar\" wrote
> > > On 4/5/20 4:44 PM, "David McGough via ARM-allstar" wrote:
> > > > ... I'll upload a copy of the code I'm using, if you'd like to
> > experiment
> > > > with it? This code will get wrapped into a package included in
> > HamVoIP,
> > > > ultimately.
> > >
> > > Is it essentially a Hamvoip-specific configuration for the fail2ban
> > package?
> > > _______________________________________________
> > >
> > > ARM-allstar mailing list
> > > ARM-allstar at hamvoip.org
> > > http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
> > >
> > > Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
> >
> >
> > ---------------------------------------------------
> > Alan Beard
> >
> > OpenWebMail 2.53
> >
> > _______________________________________________
> >
> > ARM-allstar mailing list
> > ARM-allstar at hamvoip.org
> > http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
> >
> > Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
> >
> _______________________________________________
>
> ARM-allstar mailing list
> ARM-allstar at hamvoip.org
> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
>
> Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
>
More information about the ARM-allstar
mailing list