Please note this is meant to be more fun than serious security advice
Contributing to TLDR Pages has introduced me to tons of interesting and usef...
I run fail2ban on any internet-facing systems I'm responsible for. This article made me curious, so I did a quick scan of my failed logins log (on my personal VPS). Results are pretty grim:

logrotate had rotated the log earlier today ...so the following numbers are < 24 hours
tr to convert them all to lowercase then ran that list through uniq)
ssh service, specifically)

The fail2ban stuff gets even more grim when extended to SMTP

+1 for fail2ban! Works like a charm. I've added ip-set to it lately and this has helped to reduce load significantly.

Yeah. ip-set rules are great for ensuring across-boot persistence, too.

One of these days, I'll get around to integrating my deployment-configuration with a "phone home" hook that informs the configuration service, "when re-provisioning this host or provisioning new hosts, blacklist these IPs".
Thank you @bhilburn for the kind words and everyone for the warm reception!
Looks like mapbox is down for now.. :/
Unfortunately, as a consultant, I initiate connections from a wide variety of locations. Some of those locations block "weird" ports. So, moving to a non-default port is generally not an option for me.