zlacker

[return to "I got hacked: My Hetzner server started mining Monero"]
1. danpar+Gj[view] [source] 2025-12-17 23:02:50
>>jakels+(OP)
No firewall! Wow that's brave. Hetzner will let you configure one that runs outside of the box so you might want to add that too, as part of your defense in depth - that will cover you if you make a mistake with ufw. Personally I keep SSH firewalled only to my home address in this way; if I'm out and about and need access, I can just log into Hetzner's website and change it temporarily.
◧◩
2. t0mk+Hb1[view] [source] 2025-12-18 08:21:14
>>danpar+Gj
I don't whitelist IPs for ssh anymore, but I always run sshd on randomly selected port, in order to not get noticed by port scanners.

I do it for a really long time already, and until now I am not sure if it has any benefit or it's just umbrella in a sideways storm.

[go to top]