So if you are reading this, then you have probably seen what appears to be every bot in China connecting to your Postfix server to attempt anything from relaying to auth attacks. Well, have I got the solution for you! Now, before you implement this, I will warn you: this is very restrictive, it doesn’t…
Limit SSH connections geographically
There is a real security risk in leaving your shell connection ports exposed to the internet, especially if you don’t ever intend on connecting from Zimbabwe or other random countries. Restricting them can limit brute-force attack exposure and also save valuable resources and bandwidth by rejecting packets before a TCP handshake. Install…
Deny ICMP Ping on Outside Dialer Interface (Cisco Router)
I am a firm believer in “if you don’t need it, turn it off”, and ICMP ping is no exception. Doing so reduces the attack surface, as most port scanners initially ping the target to see if there is a replying host at…
How to block telnet and SSH on outside interface on Cisco routers
By default, a lot of Cisco routers allow Telnet and SSH on the outside interface, which creates a large security risk of being brute-force attacked. Ideally, Telnet should be blocked completely as it is an insecure protocol, and SSH should only…
How to install and configure fail2ban on Linux
Reducing your attack area is ideal, but in situations where you need to expose services to the wild, you should reduce the effectiveness of attacks. This is where Fail2Ban comes in handy: it constantly reads the logs you specify in the configuration file for multiple user pass attempts, if…