Source: medium.com
Server under attack!Category: Software, Security, firewall
This is an account of my first glimpse of the dangers in the cyberworld in March 2017, or more precisely the SSH brute-force attack. There is probably nothing new here to a cloud veteran, however it might be of value to DevOps novices, personal website maintainers, hobbyists, or students.
I turned it back on, and — This time I learned the lesson to leave one SSH connection open, and attempted to login in a new terminal.
That was no surprise, considering that the firewall had been blocking the new SSH port entirely until I shut it down in the morning, and my security rule was blocking the old SSH port.
There was a short time window of vulnerability in the morning after I temporarily shutdown the firewall and before I disabled password login, and it was lucky that no one caught that.
I turned it back on, and — This time I learned the lesson to leave one SSH connection open, and attempted to login in a new terminal.
That was no surprise, considering that the firewall had been blocking the new SSH port entirely until I shut it down in the morning, and my security rule was blocking the old SSH port.
There was a short time window of vulnerability in the morning after I temporarily shutdown the firewall and before I disabled password login, and it was lucky that no one caught that.
Related Articles
Community Partners
DevOps Careers