Hackers
Since I have been playing with Docker for the past few weeks I have had more servers on-line. I don’t have a static IP address at home so while I have a jump host setup I found I was still being port scanned and brute forced.
I only caught a sniff of it in the logs while looking at another problem, even though password authentication is disabled and I only use keys I decided install Fail2Ban to start blocking people, just in-case. As I use Puppet I installed a module and enabled it. Since then I have been flooded with emails !!!
Across both of the machines I am currently running it has been triggered over 150 times in the last 48 hours, and thats just SSH. Considering that this machine is nothing than a test server I would hate to be actually running anything of worth.
Related Posts
Falco by sysdig
Discover Falco by Sysdig, a powerful behavioral security service monitoring system calls.
More site updates
Russ Mckendrick improves blog speed, adds Gruntfile features for testing and deployment to Amazon S3 with Cloudflare cache flushing.
Git + Rebase
Streamline your Git workflow with Russ Mckendrick's tips! Learn how to fork, add remotes, and rebase for maximum efficiency.