Is this many attacks normal?

  • I don't usually check my auth log, but last night I did and I had apparently been targeted by someone in china. So modified my iptables to block him and upgrade a few things security wise and all was fine again. But around 8pm today I stared get hit from someone in Turkey, every few seconds (example in the code box).They're not getting through, but really trying. I even decided to just close all my ports even (now I can't even SSH outside my house lol. I'm just curious if this is normal, or if I should contact my provider (Comcast) and tell them there is malicious attacks against my IP and hope they give me a new IP (it hasn't changed in 2 years).


    Modpic.gif

    Azulle Access Plus Mini PC Stick
    Processor:
    Intel(R) Atom(TM) x5-Z8350 CPU @ 1.44GHz
    Memory: 4
    GB RAM
    Kernel: Linux 4.19.0-0.bpo.5-amd64
    Version: 4.1.35-1 (Arrakis)

  • IP renewal is a good thing to stop those attacks but does only help if they use the IP instead of the DynDNS name.


    Like the auth.log says, these could be possible break-in attempts. I´d close all ports you do not need and switch to VPN instead.
    If you really need SSH access remotely, have a look at this great guide from sub - [GUIDE] Enable SSH with Public Key Authentication (Securing remote webUI access to OMV)


    Rerouting well known ports to randome higher ports is also a good idea.


    Contacting you provider may also help.

  • Oh, my SSH is private key only. already did all that lol. And VPN costs money. Comcast said they couldn't change my ip because it is DHCP, utter BS IMO, they're just lazy. @subzero79 how do I forward a high wan port to 22 in OMV?



    Extra Q if either of you want to answer it, how to make this script (blocklist.sh) run after boot? already tried `crontab -e` as root and added `@restart /etc/blocklist.sh` and also tried adding the script to `/etc/network/if-pre-up.d/iptables` and also tried to add to init.d and update, but got an error that it couldn't do it because it required watchdog or something.


    Modpic.gif

    Azulle Access Plus Mini PC Stick
    Processor:
    Intel(R) Atom(TM) x5-Z8350 CPU @ 1.44GHz
    Memory: 4
    GB RAM
    Kernel: Linux 4.19.0-0.bpo.5-amd64
    Version: 4.1.35-1 (Arrakis)

  • @WastlJ Oh I thought he meant actually within OMV lol. I was like, cool, how lol!?



    and yeah it is executable. I can call it view scheduler GUI and run as root and also just execute with /etc/blocklist.sh


    I'm just not sure why it's not creating the ipset tables and adding them to iptables. After reboot I check and they're not there. Have to run in manually after boot. I'm trying something new though with it. Trying to see if it'll create the sets without adding the tables, then have it execute an extra command to move a 2nd file to restore

    Modpic.gif

    Azulle Access Plus Mini PC Stick
    Processor:
    Intel(R) Atom(TM) x5-Z8350 CPU @ 1.44GHz
    Memory: 4
    GB RAM
    Kernel: Linux 4.19.0-0.bpo.5-amd64
    Version: 4.1.35-1 (Arrakis)

  • And VPN costs money.



    I've been using VPN for over 10 years and never paid a dime. What do you think we have the 2 OpenVPN plugins for??? The community version is free period. The OpenVPN Access version is free unless you want more than 2 users to connect at the same time.

  • The OpenVPN Access version is free unless you want more than 2 users to connect at the same time.


    I read that openVPN doesn't work with torrents. I download my weekly anime with torrents lol

    Modpic.gif

    Azulle Access Plus Mini PC Stick
    Processor:
    Intel(R) Atom(TM) x5-Z8350 CPU @ 1.44GHz
    Memory: 4
    GB RAM
    Kernel: Linux 4.19.0-0.bpo.5-amd64
    Version: 4.1.35-1 (Arrakis)

  • apt-get install fail2ban


    Yeah, going to do that today. Was working on something yesterday that stopped that that lol

    Modpic.gif

    Azulle Access Plus Mini PC Stick
    Processor:
    Intel(R) Atom(TM) x5-Z8350 CPU @ 1.44GHz
    Memory: 4
    GB RAM
    Kernel: Linux 4.19.0-0.bpo.5-amd64
    Version: 4.1.35-1 (Arrakis)

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!