Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Subscribe to our newsletter

Advertise on LowEndTalk.com

Latest LowEndBox Offers

    PoneyTelecom SSH login attempts: haha!
    New on LowEndTalk? Please read our 'Community Rules' by clicking on it in the right menu!

    PoneyTelecom SSH login attempts: haha!

    LandofnoneLandofnone Member
    edited September 2016 in General

    Anyone got that displaying in your console here lately. It made me laugh a good bit inside. First thought was @Francisco

    Update/Note: This thread was more or less about SSH login attempts. Thus, i updated the title accordingly.

    Comments

    • FranciscoFrancisco Top Provider

      They're some French ISP I thought?

      Francisco

      BuyVM - Dedicated KVM Slices / Anycast Support! / Stallion Control Panel / Windows 2008, 2012, & 2016! / Unmetered Bandwidth!
      BuyShared - Shared & Reseller Hosting / cPanel + Softaculous + CloudLinux / Pure SSD! / Free Dedicated IP Address
    • online.net is poneytelecom

      I like my uptime down low and my servers all hacked. Can see me droppin' twenty-fours with a router in the rack.
      Ya like ya Switch-Ports hot and ya servers all hacked. If ya pings real high and ya networks pitch black.

    • rm_rm_ Member
      edited September 2016

      Landofnone said: Anyone got that displaying in your console here lately.

      This has been in their rDNS since years, and look how nobody else is creating LET threads about that.

    • @Francisco said:
      They're some French ISP I thought?

      Francisco

      Unfortunately not a subsidiary of Frantech :-(

      Thanked by 1mycosys

      Jr System Administrator

    • Seems like they are attempting to login to people servers. I've already witness 3 failed login attempts. China, Indonesia, France 'online SAS'. Who the hell did i pissed off. haha

    • NekkiNekki Moderator

      @Landofnone said:
      Seems like they are attempting to login to people servers. I've already witness 3 failed login attempts. China, Indonesia, France 'online SAS'. Who the hell did i pissed off. haha

      Mate, you're not special.

    • hostdarehostdare Member, Provider

      This is very common .. I get thousands of attempts everyday. do not worry,use secure passwords everywhere.

      HostDare - One of the cheapest and coolest providers online! :) | Our premium unmanaged vps plans | Cheap Shared Hosting

    • @Nekki said:

      @Landofnone said:
      Seems like they are attempting to login to people servers. I've already witness 3 failed login attempts. China, Indonesia, France 'online SAS'. Who the hell did i pissed off. haha

      Mate, you're not special.

      Did i say i was. No. It was a joke, this whole Thread is a joke.

      Thanked by 1postcd
    • NekkiNekki Moderator

      @Landofnone said:

      @Nekki said:

      @Landofnone said:
      Seems like they are attempting to login to people servers. I've already witness 3 failed login attempts. China, Indonesia, France 'online SAS'. Who the hell did i pissed off. haha

      Mate, you're not special.

      Did i say i was. No. It was a joke, this whole Thread is a joke.

      You're a joke.

    • @Landofnone said:
      Seems like they are attempting to login to people servers. I've already witness 3 failed login attempts. China, Indonesia, France 'online SAS'. Who the hell did i pissed off. haha

      LOL - i saw some idiot with the same notion posting about how he blocked all IPs with an RDNS of *.poneytelecom - gave me a good laugh that they had so little google fu or sense that they had NO notion they had blocked one of the worlds largest datacenters

    • Nekki said: You're a joke.

      Nice one

    • NekkiNekki Moderator

      @Landofnone said:

      Nekki said: You're a joke.

      Nice one

      Thank you. Kind of you to say, old chap.

    • ATHKATHK Member
      edited September 2016

      @hostdare said:
      This is very common .. I get thousands of attempts everyday. do not worry,use secure passwords everywhere.

      Passwords? .. I'd hate to be your customer.

    • @Nekki said:

      @Landofnone said:

      @Nekki said:

      @Landofnone said:
      Seems like they are attempting to login to people servers. I've already witness 3 failed login attempts. China, Indonesia, France 'online SAS'. Who the hell did i pissed off. haha

      Mate, you're not special.

      Did i say i was. No. It was a joke, this whole Thread is a joke.

      You're a joke.

      Was about to say the same thing xD

    • AshleyUkAshleyUk Member
      edited September 2016

      @mycosys said:

      @Landofnone said:
      Seems like they are attempting to login to people servers. I've already witness 3 failed login attempts. China, Indonesia, France 'online SAS'. Who the hell did i pissed off. haha

      LOL - i saw some idiot with the same notion posting about how he blocked all IPs with an RDNS of *.poneytelecom - gave me a good laugh that they had so little google fu or sense that they had NO notion they had blocked one of the worlds largest

      They are defiantly not anywhere near one of the largest...

    • NekkiNekki Moderator

      @ATHK said:

      @hostdare said:
      This is very common .. I get thousands of attempts everyday. do not worry,use secure passwords everywhere.

      Passwords? .. I'd hate to be your customer.

      Another one on the blacklist, amirite?

      Thanked by 2ATHK AshleyUk
    • hostdarehostdare Member, Provider

      ATHK said: Passwords? .. I'd hate to be your customer.

      ok

      HostDare - One of the cheapest and coolest providers online! :) | Our premium unmanaged vps plans | Cheap Shared Hosting

    • @ATHK said:

      @hostdare said:
      This is very common .. I get thousands of attempts everyday. do not worry,use secure passwords everywhere.

      Passwords? .. I'd hate to be your customer.

      You want SSH keys?

      Thanked by 2ATHK joepie91
    • Last failed login: Tue Sep 6 12:57:24 BST 2016 from 195.154.43.122 (195-154-43-122.rev.poneytelecom.eu) on ssh:notty There were 31924 failed login attempts since the last successful login.

      Please tell me how special I am @Nekki :)

      @HostBalls

    • Screw SSH keys, I require myself to VPN into my systems :p

      Thanked by 1ManofServer

      wget https://s.flamz.pw/dl/bench.sh && bash bench.sh

      curl https://s.flamz.pw/analytics/bench/stats.php

    • NekkiNekki Moderator

      @Zen said:
      Last failed login: Tue Sep 6 12:57:24 BST 2016 from 195.154.43.122 (195-154-43-122.rev.poneytelecom.eu) on ssh:notty There were 31924 failed login attempts since the last successful login.

      Please tell me how special I am @Nekki :)

      Special needs.

      Thanked by 2Zen justscheduled
    • Nekki said: Special needs.

      Ouch.

    • @Landofnone said:

      @Nekki said:

      @Landofnone said:
      Seems like they are attempting to login to people servers. I've already witness 3 failed login attempts. China, Indonesia, France 'online SAS'. Who the hell did i pissed off. haha

      Mate, you're not special.

      Did i say i was. No. It was a joke, this whole Thread is a joke.

      Correct.

      Thanked by 1Pwner

      Favourite host in general: Ramnode (affiliate link)
      Favourite host for hourly billing/custom ISOs: Vultr ($50 free credit for new accounts, affiliate link)

    • @rm_ said:

      Landofnone said: Anyone got that displaying in your console here lately.

      This has been in their rDNS since years, and look how nobody else is creating LET threads about that.

      The name and ip showed up in my console on my VPS as a failed ssh login. Hence the reason i was asking if anyone else was getting hit by the same servers.

      Try being part of a community and this is what i get.

    • @Landofnone said:

      @rm_ said:

      Landofnone said: Anyone got that displaying in your console here lately.

      This has been in their rDNS since years, and look how nobody else is creating LET threads about that.

      The name and ip showed up in my console on my VPS as a failed ssh login. Hence the reason i was asking if anyone else was getting hit by the same servers.

      Try being part of a community and this is what i get.

      Welcome to LET.

    • doghouch said: Welcome to LET.

      And everywhere else.

    • @hostdare said:
      This is very common .. I get thousands of attempts everyday. do not worry,use secure passwords everywhere.

      Please use Key based login and you will not get any attempt.

      Cheap $9/Year Hosting(US/UK/Canada/ES) - Cheap Windows VPS Hosting from Dewlance & Linux Xen VPS at low price. PreMadeKb.com WHMCS/Blesta Readymade Knowledgebase
    • hostdarehostdare Member, Provider

      You guys are acting like I do not know or use key based ...

      HostDare - One of the cheapest and coolest providers online! :) | Our premium unmanaged vps plans | Cheap Shared Hosting

    • RalliasRallias Member, Provider

      @Zen said:
      Last failed login: Tue Sep 6 12:57:24 BST 2016 from 195.154.43.122 (195-154-43-122.rev.poneytelecom.eu) on ssh:notty There were 31924 failed login attempts since the last successful login.

      Please tell me how special I am @Nekki :)

      Last failed login: Fri Sep  9 11:34:10 EDT 2016 from 116.31.116.9 on ssh:notty
      There were 128480 failed login attempts since the last successful login.
      
      Thanked by 1Zen
    • FlamesRunnerFlamesRunner Member
      edited September 2016

      @hostdare

      You're a VPS provider. At the very LEAST you should know how to use key authentication.

      Also congratulations: I won't be picking up a Hostdare VPS any time soon. Maybe others, too.

      wget https://s.flamz.pw/dl/bench.sh && bash bench.sh

      curl https://s.flamz.pw/analytics/bench/stats.php

    • hostdarehostdare Member, Provider

      oh god.. read properly .. I said people are acting like.. I know it and I am using key authentication in all of them. I am just saying for the op.

      HostDare - One of the cheapest and coolest providers online! :) | Our premium unmanaged vps plans | Cheap Shared Hosting

    • @FlamesRunner said:
      @hostdare

      You're a VPS provider. At the very LEAST you should know how to use key authentication.

      Also congratulations: I won't be picking up a Hostdare VPS any time soon. Maybe others, too.

      FWIW a key isnt going to provide much over a decent ~30char passphrase. It is 2FA that is the biggest security feature

    • @FlamesRunner said:
      @hostdare

      You're a VPS provider. At the very LEAST you should know how to use key authentication.

      Also congratulations: I won't be picking up a Hostdare VPS any time soon. Maybe others, too.

      FWIW a key isnt going to provide much over a decent ~30char passphrase. It is 2FA that is the biggest security feature

    • joepie91joepie91 Member, Provider

      @mycosys said:

      @FlamesRunner said:
      @hostdare

      You're a VPS provider. At the very LEAST you should know how to use key authentication.

      Also congratulations: I won't be picking up a Hostdare VPS any time soon. Maybe others, too.

      FWIW a key isnt going to provide much over a decent ~30char passphrase. It is 2FA that is the biggest security feature

      How's that? A key will have significantly more entropy, and that's even assuming that the "30char passphrase" is CS-random, which it almost never is in practice.

      Thanked by 1hostdare
    • @joepie91 said:

      @mycosys said:

      @FlamesRunner said:
      @hostdare

      You're a VPS provider. At the very LEAST you should know how to use key authentication.

      Also congratulations: I won't be picking up a Hostdare VPS any time soon. Maybe others, too.

      FWIW a key isnt going to provide much over a decent ~30char passphrase. It is 2FA that is the biggest security feature

      How's that? A key will have significantly more entropy, and that's even assuming that the "30char passphrase" is CS-random, which it almost never is in practice.

      And a 1Meg key will have significantly more entropy than a 1k key, but at some point you reach a point of impracticality. And either is still equally vulnerable being acquired, this being the main security risk for a key.
      2FA adds the requirement that they need to gain 2 secrets, one physical and one which hopefully only you know, requiring both a physical attack and social engineering or a time consuming brute force that can be blocked by fail2ban (or abtaining your has in another physical attack and brute forcing that). Realtively adding 2FA will do orders of magnitude more for your security than just a key. That is my point, RELATIVE security.

      Thanked by 1asf
    • JustAMacUserJustAMacUser Member
      edited September 2016

      mycosys said: That is my point,

      Security is handled in layers. Public/private key is a better layer than password. Adding two factor is another layer. Restricting IPs is another layer. The list goes on.

      Suggesting the use of passwords over keys because "at some point you reach a point of impracticality" isn't sound reasoning. Not only are keys simply easier to use than passwords, they are generally a better layer of security.

      In other words, all things being equal, why bother with passwords when keys are better in every way.

      edit: Keys can also be encrypted with passwords, so if they're stolen you have yet another layer in place. Heck, for that matter, if you're going to use a 30-character password to login, might as well make that the encryption password for your key.

    • RalliasRallias Member, Provider

      DewlanceVPS said: Please use Key based login and you will not get any attempt.

      Key-based authentication will not stop attempts, only successes.

      Thanked by 1hostdare
    • @JustAMacUser said:

      mycosys said: That is my point,

      Security is handled in layers. Public/private key is a better layer than password. Adding two factor is another layer. Restricting IPs is another layer. The list goes on.

      Suggesting the use of passwords over keys because "at some point you reach a point of impracticality" isn't sound reasoning. Not only are keys simply easier to use than passwords, they are generally a better layer of security.

      In other words, all things being equal, why bother with passwords when keys are better in every way.

      edit: Keys can also be encrypted with passwords, so if they're stolen you have yet another layer in place. Heck, for that matter, if you're going to use a 30-character password to login, might as well make that the encryption password for your key.

      are you deliberately missing the point (which you just re-iterated) or are you really that thick? Yes, layers. and whatever you do multiple layers are many times better than one.

      Jesus christ

      Thanked by 1asf
    • joepie91joepie91 Member, Provider

      @mycosys said:

      @joepie91 said:

      @mycosys said:

      @FlamesRunner said:
      @hostdare

      You're a VPS provider. At the very LEAST you should know how to use key authentication.

      Also congratulations: I won't be picking up a Hostdare VPS any time soon. Maybe others, too.

      FWIW a key isnt going to provide much over a decent ~30char passphrase. It is 2FA that is the biggest security feature

      How's that? A key will have significantly more entropy, and that's even assuming that the "30char passphrase" is CS-random, which it almost never is in practice.

      And a 1Meg key will have significantly more entropy than a 1k key, but at some point you reach a point of impracticality. And either is still equally vulnerable being acquired, this being the main security risk for a key.
      2FA adds the requirement that they need to gain 2 secrets, one physical and one which hopefully only you know, requiring both a physical attack and social engineering or a time consuming brute force that can be blocked by fail2ban (or abtaining your has in another physical attack and brute forcing that). Realtively adding 2FA will do orders of magnitude more for your security than just a key. That is my point, RELATIVE security.

      Realistically, you're not going to have a 30-character key with perfect randomness without writing it down / storing it somewhere, in which case you might as well just use a keypair and have it be more convenient.

      Considering tradeoffs of convenience vs. security, an encrypted keypair + 2FA is a much better option than a 30-character password + 2FA, especially given that the user is far less likely to screw up the latter (eg. by letting a piece of paper with the password linger around, or picking a password according to a pattern for rememberability).

      Sure, if you have a 30-character password with perfect randomness, then that might be good enough (depending on configuration, software, etc. - you want it to still hold up even if it's partially weakened, for example), but in what real-world scenario is that going to be a more viable option than a keypair?

    • DewlanceVPS said: Please use Key based login and you will not get any attempt.

      How is that magic done?
      People will still try, but probably with less success. He will still have lots of attempts in his logs.

      "Actually, throughout my life, my two greatest assets have been mental stability and being, like, really smart.", Stephen Hawking, 2017. Join the Amitz party here.

    • edited September 2016

      slash etc slash hosts dot deny (has helped me a lot)

      183 VPS tested in real time and counting... (86 active LEB providers).
      All links I'm posting are tracked affiliate links, whenever the provider has an affiliate program.
    • @joepie91 said:

      @mycosys said:

      @joepie91 said:

      @mycosys said:

      @FlamesRunner said:
      @hostdare

      You're a VPS provider. At the very LEAST you should know how to use key authentication.

      Also congratulations: I won't be picking up a Hostdare VPS any time soon. Maybe others, too.

      FWIW a key isnt going to provide much over a decent ~30char passphrase. It is 2FA that is the biggest security feature

      How's that? A key will have significantly more entropy, and that's even assuming that the "30char passphrase" is CS-random, which it almost never is in practice.

      And a 1Meg key will have significantly more entropy than a 1k key, but at some point you reach a point of impracticality. And either is still equally vulnerable being acquired, this being the main security risk for a key.
      2FA adds the requirement that they need to gain 2 secrets, one physical and one which hopefully only you know, requiring both a physical attack and social engineering or a time consuming brute force that can be blocked by fail2ban (or abtaining your has in another physical attack and brute forcing that). Realtively adding 2FA will do orders of magnitude more for your security than just a key. That is my point, RELATIVE security.

      Realistically, you're not going to have a 30-character key with perfect randomness without writing it down / storing it somewhere, in which case you might as well just use a keypair and have it be more convenient.

      Considering tradeoffs of convenience vs. security, an encrypted keypair + 2FA is a much better option than a 30-character password + 2FA, especially given that the user is far less likely to screw up the latter (eg. by letting a piece of paper with the password linger around, or picking a password according to a pattern for rememberability).

      Sure, if you have a 30-character password with perfect randomness, then that might be good enough (depending on configuration, software, etc. - you want it to still hold up even if it's partially weakened, for example), but in what real-world scenario is that going to be a more viable option than a keypair?

      How to even prove that something is perfectly random :P

      I like my uptime down low and my servers all hacked. Can see me droppin' twenty-fours with a router in the rack.
      Ya like ya Switch-Ports hot and ya servers all hacked. If ya pings real high and ya networks pitch black.

    • @mycosys said:
      are you deliberately missing the point (which you just re-iterated) or are you really that thick?

      I literally quoted you saying passwords of sufficient length are just as good as keys. I then proceeded to explain that's not true and why.

    • Side note: I think Vanilla should have a quote limit (like where someone quotes a post with a quote and so on and so forth).


      By the way @joepie91:

      How do you plan on getting that perfectly random password of yours?

      wget https://s.flamz.pw/dl/bench.sh && bash bench.sh

      curl https://s.flamz.pw/analytics/bench/stats.php

    Sign In or Register to comment.