
The joys of maintaining your own server - lnenad
https://medium.com/mockadillo/the-joys-of-maintaining-your-own-server-b030d7edafee
======
flowiz
Well yeah internet is full of bots scanning for vulnerabilities, nothing new
here. Am I missing the point of this post?

~~~
lnenad
Hey there, sorry if the point isn't clear, but, at least in my experience, the
situation was different 10 years ago, there weren't as many bots, and you had
to be guilty of success before being targeted. Nowadays all you need to do to
be a target for bots is to exist.

~~~
bordercases
What did you do such that we could trust your take?

~~~
lnenad
I have been working on web projects for the last ~15 years.

------
PureParadigm
The number of unauthorized SSH attempts will also very much depend on your IP
address.

I've hosted my own SSH server at home and from a university dorm room. At
university, I'd get way more attacks (usually from foreign IPs) than at home.
Also, on IPv6-only, I got zero attacks. I run everything behind a Wireguard
VPN now, so I don't know how things have changed in the past few years.

It would be interesting to see an analysis of attempts based on IP address
type (residential, business, various universities, various clouds). How does
the number of attacks compare within and between these categories? Perhaps
there could be a cool graphic with arrows (or some other indicator) showing
where attacks are coming from and targeting.

------
Havoc
If you change the SSH port be sure to tell fail2ban about that. ;)

------
shekharshan
I had enabled the port forwarding on my home router for 5 hours, so I could
get into my home server. I saw exactly same log pattern on my server’s ssh
logs.

