Skip to main content

Protect CentOS from unwanted SSH failed login attempts with Fail2Ban

SSH is most likely the most secure way to remotely connect to a LINUX-based server machine. However, the fact that the SSH daemon service needs to be reached from the Internet and is usually configured to listen to a well-known TCP port has always been a major security flaw: it allows attackers to relentlessly spam it with a huge number login attempts, hoping to find a hole in your UAC setup.

To better understand what we’re talking about, let’s take a look at the following screenshot:

Those 150 failed login attempts have been attempted on one of our CentOS7 servers in a fifteen-minute range: we’re easily talking about thousands of them every single day, which would eventually break any non-strong password, other than flooding our beloved port 22.

It would be a good thing if we could do something about this nasty problem, for example issuing some throttling rules that could force these login attempts to respect a time limit each time they issue a wrong password. Luckily enough, there’s more than something we can do about that.

UPDATE: if you have the same problem with the Windows Server RDP service, read here to fix it.

Read More

Ubuntu ISO Download – Zesty Zapsus (17.04), Xenial Xerus (16.04.3), Trusty Tahr (14.04.5), Precise Pangolin (12.04.5)

For those who need them, here are the official URLs to download the ISO images for all the most recent Ubuntu releases (desktop & server, i386 or AMD64).

Please take into account that the AMD64 releases should only be considered for those computers based upon AMD64 or EM64T architecture (e.g., Athlon64, Opteron, EM64T Xeon, Core 2). If you have a non-64-bit processor made by AMD, or if you need full support for 32-bit code, use the i386 images instead (choose this if you are at all unsure).

Read More

Close