#failtoban

ThomasCraig<p><span class="h-card" translate="no"><a href="https://grafana.social/@dee" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>dee</span></a></span> This presents a <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> risk to any organisation that depends on <a href="https://mastodon.social/tags/failtoban" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>failtoban</span></a> but is not supporting it.</p><p>Has anybody successfully championed for their org to make recurring donations to the open source software projects they rely on? How did you do it? Any challenges you confronted?</p>
Daltux<p>Nowadays, <a href="https://ayom.media/tags/VPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VPS</span></a> providers would save their own CPU and network resources, as well as the customer's time, if they set up virtual machine templates with <a href="https://ayom.media/tags/fail2ban" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fail2ban</span></a> already configured, because the annoying password guessing (brute force) attacks start right after a machine is booted for the first time. This would be a much more helpful customization than putting ASCII art in motd files.</p><p><a href="https://ayom.media/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a> <a href="https://ayom.media/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ssh</span></a> <a href="https://ayom.media/tags/failtoban" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>failtoban</span></a> <a href="https://ayom.media/tags/BruteForce" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BruteForce</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.social/@nixCraft" class="u-url mention">@<span>nixCraft</span></a></span> Eeyupp...</p><p>That&#39;s why one has to use <a href="https://mstdn.social/tags/FailToBan" class="mention hashtag" rel="tag">#<span>FailToBan</span></a> very aggressively as well as blocklists AND ideally pubkey-based auth.</p><p>I mean, I do pull a lot of blocklists on top of that because there is no legitimate reason not to use <a href="https://mstdn.social/tags/Spamhaus" class="mention hashtag" rel="tag">#<span>Spamhaus</span></a> <a href="https://mstdn.social/tags/DROP" class="mention hashtag" rel="tag">#<span>DROP</span></a> blocklists...</p><p><a href="https://github.com/greyhat-academy/lists.d/blob/main/blocklists.list.tsv" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">github.com/greyhat-academy/lis</span><span class="invisible">ts.d/blob/main/blocklists.list.tsv</span></a></p>
Adam Trickett :debian: :kde:<p>Make sure you disable password logins and ideally only allow named users with SSH.</p><p>Just stood up some new VMs and the logs are already flooded with random SSH logins...!</p><p><a href="https://fosstodon.org/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ssh</span></a> <a href="https://fosstodon.org/tags/cert" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cert</span></a> <a href="https://fosstodon.org/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://fosstodon.org/tags/failtoban" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>failtoban</span></a> <a href="https://fosstodon.org/tags/firewall" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>firewall</span></a> <a href="https://fosstodon.org/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Linux</span></a></p>