Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
sariel84473yI have actually done this.
Had a personal server that was actively being attacked.
Since I was running this at home on residential ISP, I just unplugged the modem. It kicked the connection off. When I plugged it back in I got a new IP.
Then I could go back and figure out how they got in and harden the system. -
sariel84473y@bioDan yeah, same reason anyone gets in.
The network engineer (me) and sys ops engineer(also me) was an idiot.
Don't open standard ports to the internet kiddos. Don't even open anything but 443 tbh. If you must, at least port forward with a non-standard port.
If you absolutely must open THE port, create a whitelist with the IP you're trying to connect from in your firewall.
If you can't do that, go find a MCSP that will be your proxy with a VPN back to your server. -
hjk10156963y@sariel the service should be secure hiding ports does not really work on a slightly targeted attack. If you must hide a port use a knocker or as your suggested block on IP address even though they is also a bit of a hack.
One nice thing of containerised services is that they can be greatly sandboxed and divide the attack surface.
👨💻
joke/meme