Comment on Linux devices are under attack by a never-before-seen worm
Kethal@lemmy.world 5 months agoPeople are giving some advice but it doesn’t seem appropriate for an absolute newbie. Here’s what I’d say. Absolutely do not run telnet. Because it’s so insecure and everyone knows that, it’s usually not on by default, and you would have had to start it yourself somehow. It’s unlikely that you did that, but you can check to see.
If you’re new, you very likely don’t need an SSH server running. Unless you’re logging into that computer remotely, you don’t need it. It’s probably not running, but it’s conceivable that it could run by default. Check to see and disable it if you don’t need remote login.
If you do need remote login, use SSH and use a good password. Ideally, you’d need to leave newbie territory and use public-private keys instead of a password. It’s also not a bad idea to use a nonstandard port, instead of 22. That doesn’t beef security much, but many scanners are going to look for 22 and nothing else.
To add to this, install fail2ban (most distros have it in their package system) and activate it for the various things that use username/passwords in your system.
Basically it monitors access logs and blocks the IPs that repeatedly fail logins.l for a certain amount of time.
This drastically reduces the effectiveness of brute force attempts - as long as your password isn’t, “password” and guessable in one go.
Lifecoach5000@lemmy.world 5 months ago
Thank you for the well thought out response! I, myself do know my way around networking a bit. Linux in general is what I am just now dipping my toes in. Loving it and learning a lot.