Re: [CentOS] firewall questions

2020-06-23 Thread tbuchanan
working on it. some other issues got in the way of testing. -- Ted Buchanan Computer/Network Analyst - Vincennes University tbucha...@vinu.edu From: "Jon LaBadie" To: "Jon LaBadie" Date: 06/22/2020 04:57 PM Subject: Re: [CentOS] firewall questions Sen

Re: [CentOS] firewall questions

2020-06-22 Thread Jon LaBadie
On Sun, Jun 21, 2020 at 02:33:18PM -0500, Chuck Campbell wrote: > I'm running Centos 7.8.2003, with firewalld. > > I was getting huge numbers of ssh attempts per day from a few specific ip > blocks. > > The offenders are 45.0.0.0/24, 49.0.0.0/24, 51.0.0.0/24, 111.0.0.0/24 and > 118.0.0.0/24, and

Re: [CentOS] firewall questions

2020-06-21 Thread Erick Perez - Quadrian Enterprises
Please take a look at https://www.wireguard.com/quickstart/ we now reduced the attack vector to only the things offered to the public (https, smtp tls and imaps/s) On Sun, Jun 21, 2020 at 3:58 PM Pete Biggs wrote: > On Sun, 2020-06-21 at 16:47 -0400, mailist wrote: > > On 2020-06-21 15:33, Chuck

Re: [CentOS] firewall questions

2020-06-21 Thread Pete Biggs
On Sun, 2020-06-21 at 16:47 -0400, mailist wrote: > On 2020-06-21 15:33, Chuck Campbell wrote: > > I'm running Centos 7.8.2003, with firewalld. > > > > I was getting huge numbers of ssh attempts per day from a few specific > > ip blocks. > > If you can control the ssh clients, switch your port nu

Re: [CentOS] firewall questions

2020-06-21 Thread mailist
On 2020-06-21 15:33, Chuck Campbell wrote: I'm running Centos 7.8.2003, with firewalld. I was getting huge numbers of ssh attempts per day from a few specific ip blocks. If you can control the ssh clients, switch your port number to a non-standard port. Pick one in /etc/services that does no

Re: [CentOS] firewall questions

2020-06-21 Thread Pete Biggs
On Sun, 2020-06-21 at 14:33 -0500, Chuck Campbell wrote: > I'm running Centos 7.8.2003, with firewalld. > > I was getting huge numbers of ssh attempts per day from a few specific > ip blocks. > > The offenders are 45.0.0.0/24, 49.0.0.0/24, 51.0.0.0/24, 111.0.0.0/24 > and 118.0.0.0/24, and they

Re: [CentOS] firewall questions

2020-06-21 Thread John Pierce
On Sun, Jun 21, 2020 at 12:33 PM Chuck Campbell wrote: > I'm running Centos 7.8.2003, with firewalld. > > I was getting huge numbers of ssh attempts per day from a few specific > ip blocks. > > The offenders are 45.0.0.0/24, 49.0.0.0/24, 51.0.0.0/24, 111.0.0.0/24 > and 118.0.0.0/24, > so just 4

[CentOS] firewall questions

2020-06-21 Thread Chuck Campbell
I'm running Centos 7.8.2003, with firewalld. I was getting huge numbers of ssh attempts per day from a few specific ip blocks. The offenders are 45.0.0.0/24, 49.0.0.0/24, 51.0.0.0/24, 111.0.0.0/24 and 118.0.0.0/24, and they amounted to a multiple thousands of attempts per day. I installed an