[arm-allstar] NOTICE for user's with public ssh on port 222

GB7NR support at gb7nr.co.uk
Mon Mar 6 15:53:26 EST 2023 

Use a tunnel, or if you have lots use a cluster, Teleport is very good for multiple server admin work via a secure SSH tunnel, 



Sent from my iPhone

> On 6 Mar 2023, at 20:39, Joe Moskalski via ARM-allstar <arm-allstar at hamvoip.org> wrote:
> 
> I have addressed this issue with 2 solutions. One is ban all the IP ranges
> from India, China and Russia in my firewall. It's not very surgical but
> it's effective. The other is setup a L2TP VPN and not make the SSH port
> open to the public only being able to access it through the VPN.
> 
>> On Mon, Mar 6, 2023, 2:13 PM kd6gdb--- via ARM-allstar <
>> arm-allstar at hamvoip.org> wrote:
>> 
>> Where did this get to? One of my private nodes has seemed to have become a
>> favorite in India with over 500 attempts per hour.
>> 
>> [root at Node1502 local]# strings /var/log/btmp | grep -v '[a-zA-Z]' |sort -u
>> 103.246.240.30
>> 104.168.64.249
>> 113.20.31.42
>> 119.93.23.178
>> 128.199.246.42
>> 134.17.89.159
>> 137.184.37.163
>> 164.163.104.184
>> 164.90.229.196
>> 167.233.7.218
>> 170.64.178.90
>> 177.72.99.10
>> 190.144.141.210
>> 192.241.157.114
>> 31.41.244.124
>> 36.255.221.147
>> 43.129.201.229
>> 47.243.106.91
>> 
>> [root at Node1502 local]# uptime
>> 10:04:55 up * 1:06, * 1 user,  load average: 0.11, 0.18, 0.17
>> 
>> [root at Node1502 local]# strings /var/log/btmp | grep -v '[a-zA-Z]' |wc
>>    *505*     505    7296
>> 
>> On Sun, Apr 5, 2020 at 7:38 PM "Al Beard via ARM-allstar" <
>> arm-allstar at hamvoip.org> wrote:
>> 
>>> Hi,
>>> 
>>> This will get you the SSHD info to check:
>>> 
>>> journalctl _COMM=sshd -n 1000 > sshd.log
>>> 
>>> Fedora linux uses "systemd" but still creates most of the "standard"
>>> unix log files such that sys-admin's scripts will still mostly work.
>>> 
>>> I've been using Fedora on ARM systems because they put quite an effort
>>> into supporting many many boards AND I could move the root (/) filesystem
>>> onto a real hard disk either USB or SATA (as in the Banana Pi) and have
>> no
>>> and I mean NO SD card wear out problems.
>>> And, the kernel update process worked seamlessly. dnf -y upgrade
>>> 
>>> My first Raspberry Pi version 1 with 256Mb ram would burn out an SD card
>>> in a day. Thus, with SATA disks everywhere I looked for a SoC with a SATA
>>> interface and found the Allwinner A20 chip on the Banana Pi board did.
>>> 
>>> Alan VK2ZIW
>>> 
>>> On Sun, 5 Apr 2020 17:31:47 -0700, \"Tony via ARM-allstar\" wrote
>>>> On 4/5/20 4:44 PM, "David McGough via ARM-allstar" wrote:
>>>>> ... I'll upload a copy of the code I'm using, if you'd like to
>>> experiment
>>>>> with it?  This code will get wrapped into a package included in
>>> HamVoIP,
>>>>> ultimately.
>>>> 
>>>> Is it essentially a Hamvoip-specific configuration for the fail2ban
>>> package?
>>>> _______________________________________________
>>>> 
>>>> ARM-allstar mailing list
>>>> ARM-allstar at hamvoip.org
>>>> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
>>>> 
>>>> Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
>>> 
>>> 
>>> ---------------------------------------------------
>>> Alan Beard
>>> 
>>> OpenWebMail 2.53
>>> 
>>> _______________________________________________
>>> 
>>> ARM-allstar mailing list
>>> ARM-allstar at hamvoip.org
>>> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
>>> 
>>> Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
>>> 
>> 
>> 
>> --
>> Pursuant to U.S. Code, title 47, Chapter 5, Sub chapter II, ß227,
>> "Any and all non solicited commercial E-mail sent to this address is
>> subject to a download and archival fee of $500.00 U.S.". E-mailing denotes
>> acceptance of these terms.
>> _______________________________________________
>> 
>> ARM-allstar mailing list
>> ARM-allstar at hamvoip.org
>> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
>> 
>> Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
>> 
> _______________________________________________
> 
> ARM-allstar mailing list
> ARM-allstar at hamvoip.org
> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
> 
> Visit the BBB and RPi2/3/4 web page - http://hamvoip.org

More information about the ARM-allstar mailing list