Hi all, I was able to add IPv6 on four HardenedBSD relays I run however I have now noticed a number of malicious login attempts. I am wondering if there is some correlation with the IPv6 or just a coincidence? Best regards, Dan Sent from ProtonMail for iOS
On Wednesday, December 15, 2021 3:21:17 AM CET xplato via tor-relays wrote:
owever I have now noticed a number of malicious login attempts
IPv6 login attempts (SSH) are very very rare. 1 per year! IPv4 several per day. I mostly _only_ allowed SSH login over IPv6. A /64 subnet has many addresses to scan = 18.446.744.073.709.551.616 -- ╰_╯ Ciao Marco! Debian GNU/Linux It's free software and it gives you freedom!
however I have now noticed a number of malicious login attempts
Using a non standard ssh port and blocking power 22 should reduce the bot login attempts. (If you’re running a VPS be sure to test your custom port before blocking 22) I don’t see a relationship between IPv6 and login attempts though. You could have entered your IP on malicious site to test IPv6. Cheers, Murad.
participants (3)
-
lists@for-privacy.net -
Murad Jabir -
xplato