It isn't bullet proof of course but it should significantly cut down on the hits. Most network scans like nmap stop at the first 1024 ports to save time by default, so aim for something high and not normally used. The easiest thing to do there is to change the default ports to something else. That's going to happen when you port forward the default ftp ports through your NAT. The China/Russia hits aren't anything new. This is more convoluted because they can assign them out to anyone as they please. Registrars just shows who's registered to own the block and doesn't have much to do where the IP is actually issued. IP address assignments to customers can routinely change, so this isn't going to be super accurate. When they didn't have data, they used to put it at the center coordinates of the country of origin from the registrar which has had some unfortunate consequences for regular people just living where they do. Geoloc databases such as Maxmind data mine their customer's e-commerce data and toss in the likely zipcode of the IP. The 'location' is based on either a registrar whois (ARIN, RIPE, AfriNIC, etc.) or a geolocation database. It could have been from your nephew's IP and legit. I know I'm not secured from the direct distributed attacks but there is no enemies wanting to hack personally me, just stupid automated attacks (I hope). So, when someone or something trying to find SSH or FTP on my IP address, they just going into the list and can't connect anymore. Also, the FileZilla comes bundled with some crapware from now so click the other downloads link to download a version without bundles.Īlso, I'm using a firewall on my home Mikrotik device set up to add any scanners into the blocking list to tarpit (it's attack on the attacker, just opens the connection always but never transfers any data to hold the attacker) any TCP and drop any UDP from the attacker's IP address. Also if this is mandatory you can use it behind your own VPN service or you can change your FTP server's default port into something unusual to hide it's presence. Using FTP server with access from all the world is totally bad idea. I checked the logs - this was their first and only attempt. No plans (nor need) to open it up again in the near future. I shut the whole thing down right as they were going for a directory listing. I formerly had it going to share files within the house. But THEN, sirs and madams, I watched as the same IP suddenly entered MY uname (which happens to be a rather unique nickname of mine) and, after a few attempts, MY password. I watched, real-time, as whoever/whatever began to spit a bunch of garbage characters.įail. Well one day, I just happened to be down there and noticed yet another attempt. When poking around on the basement server box, I’d occasionally see some failed logins from China/Russia and the like. I had the FileZilla window opened up on a 2nd monitor most of that time. Limited access to a single directory containing the files in question. Then I left it open, maybe a month, just in case he needed to get back to it (also: sheer laziness). I set up an FTP server for my nephew a few weeks ago, just to transfer a couple files outside email attachment limits. So I’m (generally) pretty careful (as in, I know that FTP is not the modern, secure way to transfer files…but usually good enough, given my limited application). I’ll preface this by saying that I know just enough about networking, in general, to get myself in trouble. u/RoweDent created this awesome resource on network theory u/tht1kidd_ has created a suggestion post regarding information everyone needs to provide when asking a question about their network There have been some excellent guides written in this sub, and we're always looking for more! If you wish for your flair to be changed, please message the mods and we'll be happy to change it for you. Proof of at least 6 month's history of posting in this subredditĪs a result of this, users are now no longer able to edit their own flair. Your highest level of industry certification, or highest IT related job title held in the last 5 years to a comment you made in the last 6 months, helping someone in the community To obtain trusted flair for your account please message the mods of /r/HomeNetworking with the following info Trusted user flair has been added as a means of verification that a user has a substantial knowledge of networking. ![]() ![]() Please flair your posts as Solved, Unsolved, or simply Advice. If you can't find what you're looking for with the search function please feel free to post a new question after reading the posting guidelines Please use the search function to look for keywords related to what you want to ask before posting since most common issues have been answered.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |