this post was submitted on 14 Nov 2023
2 points (100.0% liked)
Homelab
371 readers
3 users here now
Rules
- Be Civil.
- Post about your homelab, discussion of your homelab, questions you may have, or general discussion about transition your skill from the homelab to the workplace.
- No memes or potato images.
- We love detailed homelab builds, especially network diagrams!
- Report any posts that you feel should be brought to our attention.
- Please no shitposting or blogspam.
- No Referral Linking.
- Keep piracy discussion off of this community
founded 11 months ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
There are only four billion IPv4 addresses. A modest botnet containing only 1000 nodes, each scanning one IP a second, can scan the entire space every month and a half.
This is typical. I ran a betting pool (in minecraft) with my friends on which country the latest unauthorized connection attempt was from. Prior to 2022 the safe money was Russia.
It would appear that your router is already proactively denying requests from known-bad connections. That's good, but not sufficient.
If you expose SSH, use a public key or a strong (>128 bit strength) random password. Keep all port-forwarded software up to date to limit vulnerabilities. Use containers or virtual machines to limit the impact of a vulnerability.