[tor-relays] SSH brute force attempts to connect to my Middle Relay IP address
Gareth Llewellyn
gareth at networksaremadeofstring.co.uk
Wed Oct 4 06:35:13 UTC 2017
-------- Original Message --------
On 4 Oct 2017, 07:02, Fr33d0m4all wrote: Hi, My Tor middle relay public IP address is victim of SSH brute force connections’ attempts
Welcome to the Internet!
Any Internet connected machine will be port scanned, vuln probed, brute forced, blindly hit with ancient "1 shot" exploits (think wordpress plugins) and trawled for include vulnerabilities (e.g. ?file=../../../etc/passwd ) on a daily basis.
It's not normally something to worry about.
Disable root login, enable certificate authentication and if you feel particularly strongly about the log noise firewall off TCP/22 or move sshd to a high numbered port.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20171004/35383618/attachment.html>
More information about the tor-relays
mailing list