Articles

:
I Opened My Connection To SSH Attacks, And These Were The Requests I Saw

I Opened My Connection To SSH Attacks, And These Were The Requests I Saw

Published: 24 Feb 2019

Recently I decided to investigate the type of requests that I would receive if I had opened up SSH to the world. The following are the results of that investigation.

First some background.

The SSH service was being run on a Raspberry Pi and was the sole device on the internet connection. The internet connection itself was a standard residential broadband DSL service. At no point was a domain pointing towards the IP. Any SSH requests were speculative.

At this stage, I was only interested in the login attempts rather than what was trying to be done if a connection had been established. I logged the requests for a little over 7 days.
READ
So How Do I Secure SSH?

So How Do I Secure SSH?

Published: 31 Mar 2020

Some time ago I wrote an article entitled “I Opened My Connection To SSH Attacks, And These Were The Requests I Saw”, although I knew that there would be a significant number of attempts at gaining access too my SSH server, I really did not appreciate the sheer numbers that would be involved (over 100,000 attempts in 7 days).

SSH is a significant risk to your network security if not secured properly, that being the case what can you really do to secure it.

In this article we will look at methods you can use to help secure the SSH service on your device. Any instructions that are given focus on Red Hat based systems, however, these should easily be transferable to other flavors of Linux.
READ
The Dangerous World Of Single Sign-On

The Dangerous World Of Single Sign-On

Published: 6 Jan 2019

Over the years many of us have succumbed to a very serious condition, sign-on fatigue. Being required to continually supply a username and a password whenever you wish to start using a site or to log back into it. We all knew the passwords should differ between sites, however, when so many are needed this becomes tiresome at best or even impracticable. When we hit this wall, we tend to find shortcuts, in this case reusing passwords.

Over the years a few of the larger organizations recognized this and offered their own solution. Organizations such as Google, Microsoft, Facebook and Twitter (among others) started offering a single sign-on service.
READ
Unexpected Benefits of Password Managers

Unexpected Benefits of Password Managers

Published: 10 Dec 2018

For some time now, I have been a loyal LastPass customer. Passwords can be tricky and a serious issue to keep track of. However recently I came across an unexpected advantage of using such a password manager.

On the 22nd of October 2018 I received the following email:
READ