I should probably not be surprised, but the vast majority of brute force connx to my mail server actually come from 2 ISPs. That's quite unlike my experience with SSH brute force, which I guess is more widespread.

One is a Yandex subsidiary in London, the other is Turkish. I really dislike whole subnet blocks but in this case I can live with it.

Got a fairly aggressive fail2ban config on this box but it looks like the botnet is almost every fucking host on the ISP so they just keep rotating.
