zlacker

[return to "I got hacked: My Hetzner server started mining Monero"]
1. IlikeM+ik2[view] [source] 2025-12-18 16:11:36
>>jakels+(OP)
I don't think using key-based authentication for SSH and enabling Fail2ban is necessary. Fail2ban is only useful if you keep password authentication. But I might be wrong.
◧◩
2. Sohcah+E03[view] [source] 2025-12-18 19:13:43
>>IlikeM+ik2
I should check my SSH logs.

My intuition is that since the SSH server reports what auth methods are available, once a bot sees that password auth is disabled, they will disconnect and not try again.

But I also know that bots can be dumb.

[go to top]