Increase security defenses against brute-force attacks #61

New issue

Closed

opened 2021-10-29 22:34:38 +00:00 by a · 2 comments

a commented 2021-10-29 22:34:38 +00:00

Owner

Copy link

With #58 and #60 exposing services like SSH and RDP on standard ports, it's important that we step up our security to prevent brute-force attacks. Maybe something like Fail2ban would be a good idea.

With #58 and #60 exposing services like SSH and RDP on standard ports, it's important that we step up our security to prevent brute-force attacks. Maybe something like [Fail2ban](https://www.fail2ban.org/wiki/index.php/Main_Page) would be a good idea.

a added this to the v5.0 milestone 2021-10-29 22:34:38 +00:00

a added the

help wanted

enhancement

security

labels 2021-10-29 22:34:38 +00:00

a added this to the (deleted) project 2021-10-29 22:34:38 +00:00

a commented 2021-10-30 00:12:01 +00:00

Author

Owner

Copy link

This has a lot of good suggestions: https://security.stackexchange.com/questions/110706/am-i-experiencing-a-brute-force-attack

This has a lot of good suggestions: https://security.stackexchange.com/questions/110706/am-i-experiencing-a-brute-force-attack

a commented 2021-11-03 00:38:39 +00:00

Author

Owner

Copy link

The default OpenSSH configuration is actually already pretty resistant to brute-force attacks. No accounts except for the normal user accounts have login shells, and root login requires a public key, so our setup should be quite secure.

The default OpenSSH configuration is actually already pretty resistant to brute-force attacks. No accounts except for the normal user accounts have login shells, and root login requires a public key, so our setup should be quite secure.

a closed this issue 2021-11-03 00:38:39 +00:00

a referenced this issue 2022-01-10 16:30:08 +00:00

Journal logs are filled with SSH brute force attempts #94

a referenced this issue 2022-01-28 01:17:55 +00:00

Possible mitigations for the recent "minecraft" hack #103

a referenced this issue 2022-01-28 16:58:56 +00:00

Investigate brute-force attacks against all exozyme services #104

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

v9.0

v8.8

v8.7

v8.6

v8.5

v8.4

v8.3

v8.2

v8.1

v8.0

v7.10

v7.9

v7.8

v7.7

v7.6

v7.5

v7.4

v7.3

v7.2

v7.1

v7.0

v6.1

v6.0

v5.1

v5.0

v4.2

v4.1

v4.0

v3.0

v2.5

v2.4

v2.3

v2.2

v2.1

v2.0

v1.3

v1.2

v1.1

v1.0

v0.3-beta

Labels

Clear labels   

bug

Something is not working

  

duplicate

This issue or pull request already exists

  

enhancement

New feature

  

help wanted

Need some help

  

invalid

Something is wrong

  

question

More information is needed

  

security

Security vulnerability

  

wontfix

This won't be fixed

No labels

bug

duplicate

enhancement

help wanted

invalid

question

security

wontfix

Milestone

Clear milestone

No items

No milestone

v5.0

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: exozyme/exozyme#61

No description provided.