How to make your server invisible?


If you have your own Linux server, you might have noticed continuous SSH (Secure Shell) brute-force authentication attacks and continuous port scanning. It is possible to prevent this using either OpenVPN or knockd.

What is an invisible server?

For a server to be invisible, it must appear as an unused IP address. This means that the server should not respond to any requests.

There are solutions such as fail2ban, which temporarily blocks an IP address that has failed to log in to SSH multiple times. However, attackers still know that your server is online, and they will keep trying to gain access.

Solution #1: Port-knock server (knockd)

To access the server, you first need to knock on specific ports in the correct sequence. Knocking is done by simply sending a packet to each port. If the ports are knocked in the correct sequence, the firewall grants your IP address access to the server. The disadvantage of this method is that it is easy for an attacker to sniff the port sequence.

You can read more about port knocking and how to configure it, for example, here: https://www.the-art-of-web.com/system/port-knocking-knockd/

Solution #2: OpenVPN with HMAC authentication (tls-auth)

It uses a pre-shared key, which is known to both client and server, …
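
A simplified model of the sequence check described under Solution #1, as an added example that is not from the original post and is not knockd's own code. The ports, timeout, addresses and the `KnockTracker` name are constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class KnockTracker:
    sequence: tuple = (7000, 8000, 9000)   # constructed knock ports (assumption)
    timeout: float = 5.0                   # seconds to finish the sequence (assumption)
    progress: dict = field(default_factory=dict)  # src -> (next index, first-knock time)
    allowed: set = field(default_factory=set)     # sources the firewall would admit

    def packet(self, ts, src, dport):
        """Feed one observed packet; return True once src is allowed."""
        if src in self.allowed:
            return True
        idx, start = self.progress.get(src, (0, ts))
        if idx and ts - start > self.timeout:
            idx, start = 0, ts                     # too slow: start over
        if dport == self.sequence[idx]:
            idx += 1
            if idx == len(self.sequence):
                self.progress.pop(src, None)
                self.allowed.add(src)              # a real daemon adds a firewall rule here
                return True
            self.progress[src] = (idx, start)
        elif dport == self.sequence[0]:
            self.progress[src] = (1, ts)           # wrong port, but a valid first knock
        else:
            self.progress.pop(src, None)           # wrong port: forget partial progress
        return False

# Constructed sample traffic: (timestamp in seconds, source IP, destination port)
PACKETS = [
    (0.0, "203.0.113.9", 22),     # scanner probes SSH: nothing is opened
    (1.0, "198.51.100.7", 7000),
    (1.2, "203.0.113.9", 8000),   # scanner hits a knock port out of order
    (1.5, "198.51.100.7", 8000),
    (2.0, "198.51.100.7", 9000),  # sequence complete: this source is allowed
    (3.0, "192.0.2.44", 7000),
    (4.0, "192.0.2.44", 8000),
    (9.5, "192.0.2.44", 9000),    # right ports, but past the timeout
]

def replay(packets):
    """Run packets through a fresh tracker and return it."""
    tracker = KnockTracker()
    for ts, src, dport in packets:
        tracker.packet(ts, src, dport)
    return tracker

if __name__ == "__main__":
    print(sorted(replay(PACKETS).allowed))
```

In this model the sequence is the only secret, so any source that sends it within the timeout is admitted, which is the weakness the post points out.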