[tor-relays] ssh request from Virgin Media (Liberty Global)
William Kane
ttallink at googlemail.com
Tue Apr 6 00:11:40 UTC 2021
It might not belong to Liberty Global itself even though it was
registered as such but to one of their subsidiaries, likely Virgin
Media or Vodafone.
Random SSH probes happen very frequently, it's nothing to worry about
if you deny root login, force public key (Ed25519 if your version of
sshd supports it) authentication and make use of the AllowUsers config
variable.
Fail2Ban is useless bloatware in my opinion, you can do the same with
iptables natively.
- William
On 05/04/2021, Cristiano Kubiaki Gomes <cristianockg at gmail.com> wrote:
> I have a Relay and a Bridge up and running with ssh password disabled, ssh
> port changed and fail2ban installed.
>
> With that I noticed that one particular IP was trying to ssh my both
> machines and that IP belongs to Liberty Global, an Anglo-Dutch-American
> telecommunication company which is owner of the Virgin Media, UPS and
> Vodafone.
>
> I was wondering, why is this company trying to ssh my Tor machines?
>
> Has anyone else noticed this?
>
> I am afraid to share the company IP here because they could be here on this
> list and they could use one IP to target on specific subject and if I
> disclose that IP they could find me out 😂
>
> It’s just a FYI.
>
> Stay safe.
>
>
> --
> Cristiano Kubiaki
> Telegram <https://telegram.me/cris_kubiaki> | LinkedIn
> <https://www.linkedin.com/in/cristianokubiaki/> | Twitter
> <https://twitter.com/criskubiaki>
> ITIL - MCP - MCDST - MCTS - DCSE
>
More information about the tor-relays
mailing list