[tor-relays] SSH scans from Tor exit
s7r at sky-ip.org
s7r at sky-ip.org
Mon Apr 28 22:47:58 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 4/29/2014 1:31 AM, I wrote:
> One VPS company has just asserted that SSH scans are being run from
> my Tor exit rather than another process on the VPS. Is this
> happening to anyone else? Does anyone know what can be done to stop
> it?
>
> Robert
>
>
> _______________________________________________ tor-relays mailing
> list tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
Could you explain with more details? Your question is not totally clear.
If your VPS is being SSH brute forced there are many ways to protect:
- - make hostbased authentication or use keys instead of password-based
authentication
- - install fail2ban to ban IPs after "x" wrong passwords
- - make sure you put a very strong password, seriously
- - disable root login via ssh
- - if you have a VPS made with KVM you can disable SSH access at all
and use the javaconsole from the VPS panel?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
iQEcBAEBCAAGBQJTXtqcAAoJEIN/pSyBJlsRyu4IAMsD1fsZeqZsMuQhCgQ2bDfW
M6rSKQjjCDXbI37W6w153rEZkSrA6cxh40t7PkcyhuWDXSSZTi/CfY2r5AzRNBxk
CKNrKioPVU28PETqJLo/8aOcmRFVZAgUYXpUwDnMCqOOW7Lun71UOzgAbyNdcOaa
ogECDzC92lkrGvN7ofy64NeBnyZ82DysNBUss1BxQ1bX5prnlSznY/0OgxYsBwsS
UCFCZ3tmcf905b7esibYinwtLlXG9Oc8PdTaBH+JV64s+m+J5DTLK6zRqDiaIpDJ
TqOQF3ALAYijDvJ+eO5JHY0whqMAWDFC6pRBDyAsok9D5AA1bkJtEXlFPe/8NLM=
=UukK
-----END PGP SIGNATURE-----
More information about the tor-relays
mailing list