TheMagicalCFeb 22

The past few days I’ve seen a *massive* uptick in people trying to break into my SSH server. It’s public facing but on a nonstandard port. So many people are trying that my gmail I use to send fail2ban notifs is getting rate limited. Right now I’m getting several per minute, the normal amount is 1-3 per day.

Oh. I just got rate limited again.

Anyone else experiencing something similar?

#cybersecurity #askfedi

Show threadJM HornerFeb 22
@cwg1231 Is there anyone else SSH'ing in to that box? If not, you could just firewall off everything except your own IP address. If your client device has a dynamic IP address maybe you could use a jumphost instead of direct connection.
Show threadTheMagicalC
@jmhorner just me. I could put it behind Tailscale, but I think it’d be fun to mess with the attackers and do some analysis. Both the client and server have dynamic IP addresses. Btw, fantastic instance name.
Feb 22 at 8:07pmWeb