Author Topic: LDF many blocked  (Read 1646 times)

0 Members and 1 Guest are viewing this topic.

LDF many blocked
« on: October 08, 2022, 08:04:30 AM »
lately LDF has been sending me messages about many blocked as a result of attacks - ssh2, sshd, etc., what could be the reason for this?
Thanks in advance!


Re: LDF many blocked
« Reply #1 on: October 08, 2022, 12:31:06 PM »
welcome to internet world

there is many web crawled and web scanner.. white black grey. clean dirty, good, bad. only scan, other purpose
it's normal

Re: LDF many blocked
« Reply #2 on: January 08, 2023, 07:11:22 AM »
Send LDF messages to a dedicated e-mail address, not your own or admin e-mail. Mine is simply Have it set to check silently in your mail program (mark as read, do not notify). Skim it occasionally (daily/weekly) or have rules set up to inform you of more unusual activity. But all those basic attacks, you can generally ignore.

But one piece of advice that has given me a lot of peace: don't run SSH on port 22 or 2222. Both of those ports are constantly scanned and brute force attacked, esp. by FritzFrog and others. So if you run on an alternate port, you will indeed a measure of "security through obscurity."