Tux Machines

Security Leftovers

Posted by Roy Schestowitz on Sep 04, 2022

=> Programming Leftovers | today's howtos

Large scale Internet SSH brute force attacks seem to have stopped here

=> ↺ Large scale Internet SSH brute force attacks seem to have stopped here

The last time I paid attention to what happened when you exposed an SSH port on the Internet was years and years ago, when I gave up being annoyed by log messages and either stopped paying attention or firewalled of my SSH ports from the general Internet. Back then, it was received wisdom (and my general experience) that having an SSH port open drew a constant stream of SSH brute force attacks against a revolving cast of whatever logins the attackers could come up with.

Recently I set up a Grafana Loki setup that captures our systemd logs. As part of getting some use out of it (beyond questions about how server clocks drift), I built a Grafana dashboard that reports on SSH authentication failures across our Ubuntu fleet (among other things). What I saw surprised me, because what our exposed SSH servers experience today seems to be nothing like it was in the past.

Railway interest in IoT devices growing

=> ↺ Railway interest in IoT devices growing

Industrial IoT has amazing potential. But in the words of Mikko Hyppönen, anything smart is vulnerable. Implementation will be key.

Ransomware attacks: 75 percent spike in attacks on Linux OS users in first half of 2022 [Ed: Copy-pasting the FUD from a private firm that targets Windows and isn't interested in Linux success; in fact, this helps distract from the real target of ransomware, which is Windows (about 900-95% of the time)]

=> ↺ Ransomware attacks: 75 percent spike in attacks on Linux OS users in first half of 2022

=> gemini.tuxmachines.org