[tor-relays] SSH scans from Tor exit

I beatthebastards at inbox.com
Tue Apr 29 00:28:25 UTC 2014


I first thought that the numerous complaints of my VPS being the source of the SSH (outgoing) attacks was that I hadn't done the things you suggested below and been 'hacked' but now one VPS business has looked at the VPS processes and said it must be coming out of Tor as I run an exit.

So I am asking whether this is rare or am I not doing something which others are doing?
Is it just a matter of removing SSH from the already long list of port limitations?

Robert
 
> Could you explain with more details? Your question is not totally clear.
> 
> If your VPS is being SSH brute forced there are many ways to protect:
> - - make hostbased authentication or use keys instead of password-based
> authentication
> - - install fail2ban to ban IPs after "x" wrong passwords
> - - make sure you put a very strong password, seriously
> - - disable root login via ssh
> - - if you have a VPS made with KVM you can disable SSH access at all
> and use the javaconsole from the VPS panel?




More information about the tor-relays mailing list