New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Be rather screwed?
I would die without em. What about you?
Fail2ban?
That's another form of firewall as well.
Pick a pass like one of mine ButItIsGoodToRemember_LFS123!@# and let the robots crack it. Of course, not in english and make sure to use weird chars in your language.
M
Just continue the same as before? I don't use any IPTables rules on my servers and i don't see any reason to do so.
This. IPTables dont help if you have vulnerable apps, and if they dont have known exploits, then IPTables are not needed.
So, keep your installation up to date by applying latest patches, not really by putting up the latest and greatest version, put up only what you need, listen only on the ports you need, if you access some ports only yourself, make them listen only locally and use port forwarding with ssh, etc...
M
Just keep complex password and let them be.
Change the port, Disable root login, then just su -
SSH key auth, disable any unneeded services, run yum update often, have stuff like MySQL listen on 127.0.0.1.
M
I pick password like "kawit esuk ketuk bengi ngantuk terus", its pretty easy to remember (my native language) but i think its long enough to prevent bruteforce.
Just 68 in 10 minutes?
Bah...
Any long enough password is hard to bruteforce, but using only one type of letters is not good enough, even if you have space, which few ppl use
Best should have lowercase, uppercase, numbers, special chars (*&^% etc) and space as the cherry on the top Introducing only one of each is enough to skyrocket the number of combinations.
However, from what i saw, those attacks are really limited, saw passes tried such as kevin, lpt and even bob...
M
Wat about passwords in Chinese language? That would be a pain to crack as bots only use english.
Few people use Chinese character in password because you can only paste it to the blank.
when you try to type Chinese in blank you will get Pinyin characters at last.
additionally, changing services away from "standard" ports will prevent 99% of the bruteforce attacks. There's 4 billion other IPs to try out, why bother with spending time figuring out what port you've changed to
That eventually is a fun thing to do
Wow I actually never knew you could use spaces in Linux passwd's, too bad if I use them now I'll never remember that I used them since I'm so used to no spaces, but thanks for the tip!
Change to a random port:)
i think no need firewall if all your service will be opened anyways to the outside. e.g. if you only run ssh and web
Nothing. All my passwords are different and secure. Chances of someone / something cracking my passwords are pretty much nil.
@AstoundingHost passwords can be cracked no matter how secure it is. May be some will take longer then other but yes, it can be cracked.