this post was submitted on 22 Aug 2023
76 points (97.5% liked)

Asklemmy

43856 readers
1849 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy ๐Ÿ”

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[โ€“] Ziggurat@sh.itjust.works 48 points 1 year ago (1 children)

Most likely : Someone script kiddie tried to attack-it, and some user had a week password. There is tons of bot farm attacking any device connected to the internet all the time, as indiviual, we usually have a firewall/router between our PC and internet (so the whole family gets wifi), and keep all the "remote access services" off. But a telescope is typically the kind of infrastructure where "remote access" is necessary meaning that you're a target for attacker

[โ€“] ImplyingImplications@lemmy.ca 43 points 1 year ago* (last edited 1 year ago) (3 children)

There is tons of bot farm attacking any device connected to the internet all the time

A neat experiment is to configure an SSH server that has no users. It'll allow connections but it isn't possible to actually login. It'll also have a log where you can view login attempts. Within a few days of going online, your logs should be filled will tens of thousands of login attempts from IP addresses from around the world.

[โ€“] sylver_dragon@lemmy.world 14 points 1 year ago

Yup, in the last 24 hours, my little home server had 244 failed ssh logins and a bunch of web application attacks. If it's on the internet, it's under attack constantly. Fall behind on your patching, and you're going to get popped.

[โ€“] Moghul@lemmy.world 5 points 1 year ago

Yup. Our company gets this all the time, in addition to some impromptu basic pentesting.