what would you do

Taz Member
edited July 2012 in General

If there wasn't any firewall. Lol, blocked 68 bruteforce attempts in less than 10 min.
I would die without 'em. What about you?

Comments

  • Asad Member

    Be rather screwed?

  • @NinjaHawk said: If there wasn't any firewall. Lol, blocked 68 bruteforce attempts in less than 10 min.

    I would die without 'em. What about you?

    Fail2ban?

  • Taz Member

    That's another form of firewall as well.

  • Maounique Host Rep, Veteran

    Pick a pass like one of mine ButItIsGoodToRemember_LFS123!@# and let the robots crack it. Of course, not in English and make sure to use weird chars in your language.
    M

  • Just continue the same as before? I don't use any IPTables rules on my servers and I don't see any reason to do so.

  • Maounique Host Rep, Veteran

    @gsrdgrdghd said: Just continue the same as before? I don't use any IPTables rules on my servers and I don't see any reason to do so.

    This. IPTables don't help if you have vulnerable apps, and if they don't have known exploits, then IPTables are not needed.
    So, keep your installation up to date by applying latest patches, not really by putting up the latest and greatest version, put up only what you need, listen only on the ports you need, if you access some ports only yourself, make them listen only locally and use port forwarding with ssh, etc...
    M

  • dearroy Member, Host Rep

    Just keep a complex password and let them be.

  • bdtech Member

    Change the port, disable root login, then just su -

  • dmmcintyre3 Member
    edited July 2012

    SSH key auth, disable any unneeded services, run yum update often, have stuff like MySQL listen on 127.0.0.1.

  • Presbytis Member
    edited July 2012

    @Maounique said:

    Pick a pass like one of mine ButItIsGoodToRemember_LFS123!@# and let the robots crack it. Of course, not in English and make sure to use weird chars in your language.

    M

    I pick a password like "kawit esuk ketuk bengi ngantuk terus", it's pretty easy to remember (my native language) but I think it's long enough to prevent bruteforce. :)

  • yomero Member

    Just 68 in 10 minutes?
    Bah...

  • Maounique Host Rep, Veteran

    @Presbytis said: I pick a password like "kawit esuk ketuk bengi ngantuk terus", it's pretty easy to remember (my native language) but I think it's long enough to prevent bruteforce. :)

    Any long enough password is hard to bruteforce, but using only one type of letters is not good enough, even if you have space, which few ppl use :)
    Best should have lowercase, uppercase, numbers, special chars (*&^% etc) and space as the cherry on the top :) Introducing only one of each is enough to skyrocket the number of combinations.
    However, from what I saw, those attacks are really limited, saw passes tried such as kevin, lpt and even bob...
    M

  • Taz Member

    What about passwords in Chinese language? That would be a pain to crack as bots only use English.

  • dearroy Member, Host Rep

    @NinjaHawk said: What about passwords in Chinese language? That would be a pain to crack as bots only use English.

    Few people use Chinese characters in passwords because you can only paste them into the blank.
    When you try to type Chinese in the blank you will get Pinyin characters in the end.

  • Damian Member

    Additionally, changing services away from "standard" ports will prevent 99% of the bruteforce attacks. There are 4 billion other IPs to try out, why bother with spending time figuring out what port you've changed to?

  • Taz Member

    That eventually is a fun thing to do :)

  • nunim Member

    @Maounique said: Any long enough password is hard to bruteforce, but using only one type of letters is not good enough, even if you have space, which few ppl use :)

    Wow I actually never knew you could use spaces in Linux passwd's, too bad if I use them now I'll never remember that I used them since I'm so used to no spaces, but thanks for the tip!

  • Randy Member

    Change to a random port :)

  • jcaleb Member

    I think there's no need for a firewall if all your services will be open to the outside anyway, e.g. if you only run ssh and web.

  • Nothing. All my passwords are different and secure. Chances of someone / something cracking my passwords are pretty much nil.

  • Taz Member

    @AstoundingHost passwords can be cracked no matter how secure they are. Maybe some will take longer than others, but yes, they can be cracked.
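
The counting behind the Fail2ban-style blocking mentioned in this thread, as an added example that is not part of any poster's comment or Fail2ban's own code: a per-IP sliding-window count over sshd "Failed password" lines. The log lines are constructed, and `MAX_RETRY`, `FIND_TIME` and `find_offenders` are names and thresholds assumed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed thresholds for illustration (the idea behind Fail2ban's maxretry/findtime).
MAX_RETRY = 5
FIND_TIME = timedelta(minutes=10)

# OpenSSH "Failed password" syslog line, with or without "invalid user".
FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>[0-9a-fA-F:.]+) port \d+"
)

def find_offenders(lines, year=2012):
    """Return {ip: time of the failure that reached MAX_RETRY within FIND_TIME}."""
    recent = defaultdict(deque)   # ip -> timestamps of failures still in the window
    offenders = {}
    for line in lines:
        m = FAILED.match(line)
        if not m:
            continue              # accepted logins and unrelated lines are ignored
        # Classic syslog timestamps carry no year, so the caller supplies one.
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        window = recent[m["ip"]]
        window.append(ts)
        while ts - window[0] > FIND_TIME:   # drop failures older than the window
            window.popleft()
        if len(window) >= MAX_RETRY and m["ip"] not in offenders:
            offenders[m["ip"]] = ts
    return offenders

# Constructed sample log (documentation-range IPs, made-up host and users).
SAMPLE = [
    f"Jul 14 03:1{i}:07 vps sshd[41{i}]: Failed password for invalid user "
    f"{u} from 203.0.113.9 port 5{i}022 ssh2"
    for i, u in enumerate(["admin", "test", "oracle", "guest", "ftp"])
] + [
    "Jul 14 03:15:30 vps sshd[500]: Accepted publickey for deploy from 198.51.100.4 port 40022 ssh2",
    "Jul 14 03:20:00 vps sshd[501]: Failed password for root from 198.51.100.7 port 40100 ssh2",
    "Jul 14 04:00:00 vps sshd[502]: Failed password for root from 198.51.100.7 port 40101 ssh2",
]

if __name__ == "__main__":
    for ip, when in find_offenders(SAMPLE).items():
        print(f"{ip} reached {MAX_RETRY} failures by {when:%H:%M:%S}")
```

Only the address with five failures inside ten minutes is reported; the two failures forty minutes apart and the key-based login are not.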
