• @[email protected]
    link
    fedilink
    43
    edit-2
    1 year ago

    There is tons of bot farm attacking any device connected to the internet all the time

    A neat experiment is to configure an SSH server that has no users. It’ll allow connections but it isn’t possible to actually login. It’ll also have a log where you can view login attempts. Within a few days of going online, your logs should be filled will tens of thousands of login attempts from IP addresses from around the world.

      • @[email protected]
        link
        fedilink
        101 year ago

        You should see what gets sent to web servers. All sorts of exploit strings ranging from IIS to WordPress.

    • sylver_dragon
      link
      English
      141 year ago

      Yup, in the last 24 hours, my little home server had 244 failed ssh logins and a bunch of web application attacks. If it’s on the internet, it’s under attack constantly. Fall behind on your patching, and you’re going to get popped.

    • @Moghul
      link
      51 year ago

      Yup. Our company gets this all the time, in addition to some impromptu basic pentesting.