[Mailman-Users] Brute force attacks on mailman web ui

Natu incoming-pythonlists at rjl.com
Thu Apr 19 13:08:40 EDT 2018


On 04/17/2018 08:27 PM, Carl Zwanzig wrote:
> On 4/17/2018 7:20 AM, Rich Kulawiec wrote:
>> I stood up a new server last fall with *no* valid ssh access and logged
>> about 750,000 attempts in a month.   Similar patterns.
>
> There's a reason I don't put sshd on port 22; moving it elsewhere and
> blackhole-ing 22 cut the auth log tremendously.
>
> (

If you have no users logging in remotely or if users are technical
enough, consider using fwknop for ssh and other services.  I also use
openvpn or openvpn with fwknop to access the vpn.  I've found fwknop to
be rock solid, and I've never had even a single attack on services that
use fwknop.  http://www.cipherdyne.org/fwknop/

Natu



More information about the Mailman-Users mailing list