I restrict SSH access with iptables allowing only access from two IP addresses (work, and home). I also disable root login (as many already do), as well as use the AllowUsers option in SSH.
regards, Robin ----- Original message ----- From: Fr33d0m4all <fr33d0m4...@riseup.net> To: tor-relays@lists.torproject.org Subject: [tor-relays] SSH brute force attempts to connect to my Middle Relay IP address Date: Wed, 4 Oct 2017 08:02:55 +0200 Hi, My Tor middle relay public IP address is victim of SSH brute force connections’ attempts and the attack is going on since two weeks ago. It’s not a problem, the server that is listening with SSH on the same IP address than my Tor relay blocks the connections and bans the IP addresses (with Fail2Ban) but I just wanted to know if there is some campaign of attacks carried against Tor relays.. are you experiencing the same? The attacks are carried on with a botnet given the large amount of different IP addresses that I see in the logs. Best regards, Fr33d0m4All _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
