undefined | Better HN

0 pointsgobdovan2mo ago0 comments

Yes, <1h was a weak root password. All attacks I've seen directly were always user error. The point is effectively removing attack surfaces rather than enhancing security in needlessly exposed internet-facing protocols.

0 comments

3 comments · 1 top-level

dwedge2mo ago· 2 in thread

It must have been comically weak, like "root", "password" or something like that

____tom____2mo ago

You'll get thousand of attacks a day (and it's been years since I have done this, so probably worse). They try the list of 1000 or so most common passwords across the whole internet. It works often enough to be cost effective.

dwedge2mo ago

Yeah exactly. If your password can be bruteforced in 1000 or so attempts you have bigger problems than not having fail2ban on ssh. The parent comment was suggesting someone was hacked in an hour for leaving ssh on default settings, and it's obviously not true.

2 more replies

j / k navigate · click thread line to collapse