3 Mar
2021
3 Mar
'21
17:09
On 2021-03-03 12:04 p.m., Lew Wolfgang wrote:
Why not block everything by default if you're not running a pubic server? Just open needed ports to specific addresses, not even subnets.
Normally, I only allow VPN access to my network and just had ssh open for some testing. Putting that in will block them from trying anything, not just ssh and that network was where all the hits were coming from.