Help, I'm being hacked by anonymous!
What do?
>>52038102
Pull the plug anon
Install fail2ban
>>52038334
that's a funny way of spelling gentoo
Look at these bad goyim. I literally only installed this shit yesterday and anonym0use is already trying to le epic hack me.
>>52038102
looks like a bunch of failed ssh login atempts, somebody's trying to bruteforce. Better call up the ISP and ask them change your public IP address
>>52038501
They probably get them from when I torrent, so it's not like getting a new one fixes much.
>>52038102
what am I looking at here? how can I see if someone tried to hack into my computer?
>>52038501
You have no idea do you?
Setup a honey pot, monitor them and ridicule them publicly
https://www.youtube.com/watch?v=oJagxe-Gvpw
(World's worst hacker)
>>52038334
/thread
Just start using fucking RSA keys and forget about skiddies
>>52038102
Change your ssh port.
>>52038334
>>52038807
/thread
>>52038807
>>52038334
/thread
resistance is futile op
We are Anonymous.
We are Legion.
We do not forgive.
We do not forget.
Expect us.
>>52038853
99% of these are chinks not edgy teens pretending to be hackers
>>52038102
Ok, don't panic. Get up and close the blinds, curtains, shade, whatever it is that you have. Anonymous are extremely weak against window blinds.
This isn't 100% effective, all of the time, so your next step should be to install Norton, and get a dog. Not just hackers on steroids, but literally all stupid-asses can't hack or nuthin' if you have Norton. The dog, well that one should be obvious.
If not, then you may be autistic, in which case Anonymous is trying to recruit you into The Internet Hate Machine, rather than hack you, so there's nothing to worry about--you will need to provide your own Guy Fawkes mask however, because you know, Anonymous expects you to be self-sufficient, and stand on your own two feet...or well, sit proudly and defiantly atop your motorized scooter like a big (350lbs, minimum) boy. How can you be trusted with important shit like calling up Scientology and yelling "NIGGER" or sending pizzas and boxes to strangers, if you can't even procure your own fucking mask?
Also, why did you not expect them? You've been told numerous times to do this. They're not the Spanish Inquisition, faggit.
>>52038893
I am 22. I am Russian. Expect us.
>>52039362
After changing the port just now, I took a look at the auth.log again and the last couple of attempted user names were Russian.
Will you not install malware on my computer if I leave some dank kot memes for you to take?
>>52038679
What the heck is he trying to do?
>>52038679
kekd pretty hard
>cd samba
>cd samba
>cd samba
>perl
>perl
>perl
idiot
>>52038102
if you open your ssh port to the world you just have to never look in the logfile
i was left in charge of a server where someone set up a firewall that whitelisted EU & american ip's only. china, india russia were all dropped
sshd log was practically empty
>>52039670
A lot of the addresses were Dutch and German actually. Rest were Russian and Korean.
this is a VERY common thing
>>52038334
/thread
i learned something today
thanks /gee/
>>52039792
any recommended fail2ban settings?
>>52038679
what a noob. you can't run .pl files if you download them from a .ro domain because of the language difference
how did you monitor your ssh logs op
>>52041243
http://askubuntu.com/questions/178016/how-do-i-keep-track-of-failed-ssh-log-in-attempts
>>52042469
thanks familio
>>52038274
this
they can't hack what isn't online
literally read the sticky and search for "server" in the wiki and scroll down to security so you can set up a key and then you can forget about the bruteforcers
fail2ban
Alternatively, go into your sshd_config and add
AllowUsers username
If you can restrict by IP, do that too
AllowUsers [email protected]
Consider using keys for logins.
Consider using iptables to restrict IPs so they can't even hit your SSH daemon.
I opened an unsecured ftp connection once. It was kind of like this. I felt wanted for once.
I like how /g/ likes to use the linux gets no viruses and switch over from windows goy to do shit like this to unsuspecting users
>>52039809
Yeah, don't. It's pointless snakeoil for plebs who get scared from looking at their auth.log
It's not practically feasible to brute force over network because sshd has built in limits, they're just testing well known default accounts and passwords. If you don't have any of those, you're safe.
Let the faggot in, then close the SSH daemon so hes locked in and let us teamview your server so we can all jump this 'anonymous' fuck at once.
This is what happens when you install 4chan (deadly virus) to your computer or PC.
>>52038102
What are you using to show the log/log connections?
Could i set up a fake login that goes nowhere and watch people fail miserably
>>52044117
Yes its called honeypot
>>52043932
don't think that's the way it works anon
>>52038102
Change ssh port to something else, disable password auth.
Problem solved.
>>52038334
this, really long password, use a key to login, disable root logins and change the port, use any under 1024 (some root priveleges shit)
>inb4 obscurity is not security, it helps tho, this are robots on default ports
>>52044269
>use a key to login
>disable root logins
These increase security
>change the port
>fail2ban
These are retarded little monkey dances that do nothing for actual security.
>>52044368
>retarded little monkey dances that do nothing
Well, they make my auth.log much more readable now that it's not 99% failed ssh logins
>>52038102
you disable fucking outside logins from your router idiot
>>52038102
Setup fail2ban / pubkey | rsa only auth
>>52044707
he never said that retarded little monkey dances aren't cool
The feel when I haven't changed admin password away from admin on my winblows computer because I couldn't give a shit :D
Setting up fail2ban if you already have key-only auth is completely pointless.
Just use key-only auth and if you want less clutter in your log, change to a non-standard port.
>>52043932
Stop playing Shadowrun fellow Anon.
Your are dreaming...
