I restrict SSH access with iptables allowing only access from two IP addresses (work, and home). I also disable root login (as many already do), as well as use the AllowUsers option in SSH.
regards, Robin
----- Original message ----- From: Fr33d0m4all fr33d0m4all@riseup.net To: tor-relays@lists.torproject.org Subject: [tor-relays] SSH brute force attempts to connect to my Middle Relay IP address Date: Wed, 4 Oct 2017 08:02:55 +0200
Hi, My Tor middle relay public IP address is victim of SSH brute force connections’ attempts and the attack is going on since two weeks ago. It’s not a problem, the server that is listening with SSH on the same IP address than my Tor relay blocks the connections and bans the IP addresses (with Fail2Ban) but I just wanted to know if there is some campaign of attacks carried against Tor relays.. are you experiencing the same? The attacks are carried on with a botnet given the large amount of different IP addresses that I see in the logs.
Best regards, Fr33d0m4All _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays