what would you do

Taz Disabled
edited July 2012 in General

If there wasn't any firewall. Lol blocked 68 bruteforce attempts in less than 10 min. I would die without em. What about you?

Time is good and also bad. Life is short and that is sad. Dont worry be happy thats my style. No matter what happens i won't lose my smile!

Comments

  • Be rather screwed?

  • @NinjaHawk said: If there wasn't any firewall. Lol blocked 68 bruteforce attempts in less than 10 min. I would die without em. What about you?

    Fail2ban?

    Catalyst Host - Pie Approved!
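What a Fail2ban-style tool does with a burst like the one in the first post, as an added example that is not part of the thread and not Fail2ban's own code: count failed SSH logins per source address inside a sliding window and flag any address that reaches a limit. The log lines, host name and addresses are constructed; `max_retry` and `find_time` are modelled on Fail2ban's `maxretry` and `findtime` options.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# OpenSSH "Failed password" line as it appears in auth.log or /var/log/secure.
FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (?P<ip>\S+) port \d+")

def find_offenders(lines, max_retry=5, find_time=600, year=2012):
    """Return {ip: time of the attempt that reached max_retry within find_time}."""
    window = timedelta(seconds=find_time)
    recent = defaultdict(deque)      # ip -> failure times still inside the window
    flagged = {}
    for line in lines:
        m = FAILED.match(line)
        if not m or m["ip"] in flagged:
            continue
        # syslog timestamps carry no year, so the caller supplies one
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        times = recent[m["ip"]]
        times.append(ts)
        while ts - times[0] > window:    # forget failures older than the window
            times.popleft()
        if len(times) >= max_retry:
            flagged[m["ip"]] = ts
    return flagged

def sample_log():
    """Constructed log: 68 failures from one address in under 10 minutes,
    plus an admin who mistypes twice and then logs in with a key."""
    start = datetime(2012, 7, 14, 22, 20, 0)
    lines = [
        f"{start + timedelta(seconds=8 * i):%b %d %H:%M:%S} vps sshd[{4000 + i}]: "
        f"Failed password for invalid user kevin from 203.0.113.7 port {40000 + i} ssh2"
        for i in range(68)]
    lines += [
        "Jul 14 22:21:05 vps sshd[5001]: Failed password for admin from 198.51.100.9 port 51000 ssh2",
        "Jul 14 22:24:30 vps sshd[5002]: Failed password for admin from 198.51.100.9 port 51001 ssh2",
        "Jul 14 22:30:00 vps sshd[5003]: Accepted publickey for admin from 198.51.100.9 port 51002 ssh2",
    ]
    return sorted(lines)     # same day, so text order is time order

if __name__ == "__main__":
    for ip, when in find_offenders(sample_log()).items():
        print(f"block {ip}: limit reached at {when:%H:%M:%S}")
```

The admin's two mistakes stay under the limit, while the noisy address is flagged on its fifth failure, 32 seconds into the burst.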
  • Taz Disabled

    That's another form of firewall as well.

  • Pick a pass like one of mine ButItIsGoodToRemember_LFS123!@# and let the robots crack it. Of course, not in English and make sure to use weird chars in your language. M

    top - 22:32:38 up 906 days, 2:58, 1 user, load average: 3.94, 5.13, 8.38

  • Just continue the same as before? I don't use any IPTables rules on my servers and I don't see any reason to do so.

  • @gsrdgrdghd said: Just continue the same as before? I don't use any IPTables rules on my servers and I don't see any reason to do so.

    This. IPTables don't help if you have vulnerable apps, and if they don't have known exploits, then IPTables are not needed. So, keep your installation up to date by applying latest patches, not really by putting up the latest and greatest version, put up only what you need, listen only on the ports you need, if you access some ports only yourself, make them listen only locally and use port forwarding with ssh, etc... M

  • Just keep a complex password and let them be.

  • bdtech Member

    Change the port, Disable root login, then just su -

  • dmmcintyre3 Member
    edited July 2012

    SSH key auth, disable any unneeded services, run yum update often, have stuff like MySQL listen on 127.0.0.1.

    FreeVPS.us - The oldest post to host VPS provider
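A check for the settings recommended in the posts above (no root login over SSH, key authentication instead of passwords, a non-default port, MySQL bound to 127.0.0.1), as an added example that is not part of the thread. The configuration texts are constructed and the helper names are hypothetical; the defaults used when a keyword is absent are an assumption based on current OpenSSH and MySQL.

```python
# Assumed defaults when a keyword is missing from sshd_config (current OpenSSH).
SSHD_DEFAULTS = {"port": "22", "permitrootlogin": "prohibit-password",
                 "passwordauthentication": "yes"}

def parse_sshd(text):
    """Global sshd_config options; the first value of a keyword wins, as in sshd.
    (Port may legally repeat; only the first Port line is inspected here.)"""
    opts = {}
    for raw in text.splitlines():
        parts = raw.split("#", 1)[0].split(None, 1)
        if len(parts) < 2:
            continue
        if parts[0].lower() == "match":      # per-user/host overrides: not audited
            break
        opts.setdefault(parts[0].lower(), parts[1].strip().lower())
    return {**SSHD_DEFAULTS, **opts}

def audit_sshd(text):
    o, findings = parse_sshd(text), []
    if o["permitrootlogin"] == "yes":
        findings.append("root can log in with a password")
    if o["passwordauthentication"] == "yes":
        findings.append("password logins enabled, so guessing is possible")
    if o["port"] == "22":
        findings.append("default port 22, the one automated scans try first")
    return findings

def mysql_bind(text):
    """bind-address from the [mysqld] section; the last occurrence wins."""
    section, bind = None, "*"     # assumption: unset means all interfaces
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            section = line.strip("[]").lower()
        elif section == "mysqld" and not line.startswith(("#", ";")):
            key, _, value = line.partition("=")
            if key.strip().replace("_", "-") == "bind-address":
                bind = value.strip()
    return bind

# Constructed configuration texts, not taken from any real host.
WEAK_SSHD = "Port 22\nPermitRootLogin yes\n#PasswordAuthentication no\n"
HARD_SSHD = ("Port 2222\nPermitRootLogin no\n"
             "PasswordAuthentication no\nPubkeyAuthentication yes\n")
OPEN_MYSQL = "[mysqld]\ndatadir=/var/lib/mysql\n"
LOCAL_MYSQL = "[client]\nport=3306\n[mysqld]\nbind-address = 127.0.0.1\n"

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_SSHD), ("hardened", HARD_SSHD)):
        print(name, audit_sshd(cfg) or "no findings")
    for name, cfg in (("open", OPEN_MYSQL), ("local", LOCAL_MYSQL)):
        print(name, "mysqld listens on", mysql_bind(cfg))
```

The commented-out `PasswordAuthentication no` in the weak sample is deliberate: a commented line changes nothing, so the default still applies and is reported.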
  • Presbytis Member
    edited July 2012

    @Maounique said:

    Pick a pass like one of mine ButItIsGoodToRemember_LFS123!@# and let the robots crack it. Of course, not in English and make sure to use weird chars in your language. M

    I pick a password like "kawit esuk ketuk bengi ngantuk terus", it's pretty easy to remember (my native language) but I think it's long enough to prevent bruteforce. :)

  • yomero Member

    Just 68 in 10 minutes? Bah...

  • @Presbytis said: I pick a password like "kawit esuk ketuk bengi ngantuk terus", it's pretty easy to remember (my native language) but I think it's long enough to prevent bruteforce. :)

    Any long enough password is hard to bruteforce, but using only one type of letters is not good enough, even if you have space, which few ppl use :) Best should have lowercase, uppercase, numbers, special chars (*&^% etc) and space as the cherry on the top :) Introducing only one of each is enough to skyrocket the number of combinations. However, from what I saw, those attacks are really limited, saw passes tried such as kevin, lpt and even bob... M

    top - 22:32:38 up 906 days, 2:58, 1 user, load average: 3.94, 5.13, 8.38
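The arithmetic behind the exchange above about character classes and length, as an added example that is not part of the thread. It assumes a blind brute force that knows only the password's length and which classes it uses, and it reuses the rate from the first post (68 attempts in 10 minutes); the "sunshine" variants are constructed.

```python
import math
import string

CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation, " ")
# Passwords the thread reports seeing in real attempts.
SEEN_IN_ATTACKS = {"kevin", "lpt", "bob"}

def pool_size(password):
    """Alphabet a blind brute force has to cover: every class the password uses."""
    chars = set(password)
    size = sum(len(c) for c in CLASSES if chars & set(c))
    # Characters outside the five ASCII classes: counted one by one (lower bound).
    return size + len(chars - set("".join(CLASSES)))

def search_bits(password):
    """log2(pool ** length). Assumes the attacker knows length and classes only;
    a passphrase built from dictionary words is weaker against word-based guessing."""
    if not password:
        return 0.0
    return len(password) * math.log2(pool_size(password))

def days_to_exhaust(password, attempts=68, seconds=600):
    """Days to try the whole space at the rate seen in the first post."""
    return 2 ** search_bits(password) * seconds / attempts / 86400

def report(password):
    if password.lower() in SEEN_IN_ATTACKS:
        return "guessed at once: it is on the attackers' list"
    return f"{pool_size(password)} symbols, {search_bits(password):.0f} bits"

if __name__ == "__main__":
    for pw in ("bob", "sunshine", "Sunshin3", "sunshine sunshine",
               "kawit esuk ketuk bengi ngantuk terus",
               "ButItIsGoodToRemember_LFS123!@#"):
        print(f"{pw!r:42} {report(pw)}")
```

Each extra class adds about one to two bits per character, while each extra character adds the full per-character amount, which is why both long passwords quoted in the thread land far beyond what online guessing at this rate can cover.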

  • Taz Disabled

    What about passwords in Chinese language? That would be a pain to crack as bots only use English.

  • @NinjaHawk said: What about passwords in Chinese language? That would be a pain to crack as bots only use English.

    Few people use Chinese characters in passwords because you can only paste them into the blank. When you try to type Chinese in the blank you will get Pinyin characters in the end.

  • Damian Member

    Additionally, changing services away from "standard" ports will prevent 99% of the bruteforce attacks. There are 4 billion other IPs to try out, why bother with spending time figuring out what port you've changed to?

    I am no longer affiliated with IPXcore.
  • Taz Disabled

    That eventually is a fun thing to do :)

  • nunim Member

    @Maounique said: Any long enough password is hard to bruteforce, but using only one type of letters is not good enough, even if you have space, which few ppl use :)

    Wow I actually never knew you could use spaces in Linux passwd's, too bad if I use them now I'll never remember that I used them since I'm so used to no spaces, but thanks for the tip!

  • Randy Disabled

    Change to a random port :)

  • jcaleb Moderator

    I think there's no need for a firewall if all your services will be open to the outside anyway, e.g. if you only run ssh and web

    Twitter Bootstrap Themes for your software projects. I recommend Prometeus and Catalyst Host

  • Nothing. All my passwords are different and secure. Chances of someone / something cracking my passwords are pretty much nil.

  • Taz Disabled

    @AstoundingHost Passwords can be cracked no matter how secure they are. Maybe some will take longer than others but yes, they can be cracked.
