Nostr Web Client

Skhron - VPS for Bitcoin, Lightning and Monero

Have you ever seen your sshd logs being clean without crowdsec or fail2ban while listening on 22/tcp with public IPv4?

At Skhron, all our customers benefit from our TCP tarpit system that detects global portscan:

Remarkably, this not only helps our customers but makes the entire Internet a bit more safe place - we automatically notify network owner about suspected device infection. This helps detect malware infection to cure it further.

Papa Figos 10mo ago

IPv6 is widespread enough these days, just listen on TCP6, portscans are not feasible over such a large address space.

Script kiddies hate this one trick!

Reply to this note

Please Login to reply.

Discussion

Skhron - VPS for Bitcoin, Lightning and Monero 10mo ago

This will work unless IPv6 address is used to host any website with TLS - Censys and Onyphe AFAIK already use this heuristics to scan IPv6 addresses already

Papa Figos 10mo ago

You don't need to bind sshd to the same IP as a webserver or anything else. There are gazillions of IP6's, scanning them all isn't feasible.

On most servers you get a /64, which is 18,446,744,073,709,551,616 IP6s. That's 18 quintillion.

Skhron - VPS for Bitcoin, Lightning and Monero 10mo ago

This is true, intention of my post was to raise awareness of others

Papa Figos 10mo ago

Yup, and what you said is good info too. Just figured I'd add the IPv6 angle.

Skhron - VPS for Bitcoin, Lightning and Monero 10mo ago

Btw we offer routed /56 IPv6 prefixes if asked for free if default /64 allocation is not enough

Tristan Brice Velloza Kildaire 10mo ago

My router gets hit with SSH attempts.

It's hilarious.

That and also people seemingly trying to fudge /cgi-bin/luci :-)

Skhron - VPS for Bitcoin, Lightning and Monero 10mo ago

Btw, we share the list of IP addresses we have detected as performing an unsolicited TCP portscan here: https://otx.alienvault.com/pulse/66794486bda6c3cf8823c604

It is updated hourly

Tristan Brice Velloza Kildaire 10mo ago

Oh, neat!