New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
I get port scanned and brute forced from AWS and Azure. These criminal organisations must be stopped at once.
Call your local police station and report this ILLEGAL activity at once!
Please be sure to put "@123" on the end of any password. That makes it 100% secure.
And what about Linode? Also a large and similar provider. Does it have the same "issues" like digitalocean in terms of abuse?
At Linode all new servers created have the ports 25, 587 and 465 blocked by default. User must open a ticket to open that ports. Is just related with mail (not port scanning, etc..), but Im sure it helps.
On Jan 23, 3396 IP addresses from DigitalOcean probed my servers for TCP open ports.
Only 223 IP addresses from Linode did that on the same day.
How did you perform this ip check ? Im thinking of doing it on my server too.
Anyone else seeing huge brute forcing today coming from most AWS regions? At this rate we'll have to block most of AWS for a while
I've just checked for ssh brute force attempts on my honeypot. There where 2759 unique addresses from 526 different networks. 617 are from Digital Ocean. That's more than the next 5 networks combined. Linode has 12.
This begins to look more like a template problem.
FTFY
Numbers of IP addresses which probed my servers for TCP open ports from the following providers on Jan 24:
DigitalOcean: 3650
Linode: 215
Amazon AWS: 173
Wait for suspicious connection attempts by forcing HAProxy to listen at thousands of TCP ports.
TCP port scan detection with HAProxy: Revised
Digitalocean is cesspool of spam and shady practices.
I myself submitted an abuse report, no action or reply from them.
the reason DO is used for abuse is because of the account credit offer, in a lot of marketplaces the 100$ credit accounts are sold for 10 to 20$ and a lot of their legit clients don't configure server possibly and it gets cracked and thats also sold and used for spamming, hosting phishing pages, brute, ddos etc