Comment on What's the real danger of opening ports?
bigfondue@lemmy.world 4 days ago
If you can disable IPv4 on sshd then it really isn’t an issue. I know, security through obscurity isn’t robust, but when I had sshd with IPv4 enabled, I was getting around 6 - 10 failed login attempts a minute. People iterate through all the possible IPv4 addresses since there are only 4,228,250,625 possible addresses. There are 340,282,366,920,938,463,463,374,607,431,768,211,456 possible IPv6 addresses, so the chance of someone randomly stumbling upon your address is fucking astronomical. When I disabled IPv4 a couple years ago I’ve had exactly zero failed logins that weren’t me being a sloppy typist.
ganymede@lemmy.ml 4 days ago
i love your thinking!!
do you have a backup in case you accidentally find yourself locked out from an ipv4-only network?
bigfondue@lemmy.world 4 days ago
Not really. My home network doesn’t have any port forwarding so nothing is exposed. I have a VPS, but nothing really important is on there, and I pretty much exclusively use it from home. Anyway all those failed logins were just trying default logins like user admin password admin. If you have a strong password or ssh key it really doesn’t matter, but I just hated knowing people were trying to get in, even if it was just half-assed attempts to find a unsecured machine.