On 03/12/2020 17:14, Tim via users wrote:
On Thu, 2020-12-03 at 12:53 +0800, Ed Greshko wrote:
I suppose if one is paranoid about posting their ip addresses they
may be concerned.
I tend to avoid that, because it just invites some people to have a go.
However, in most posts to a mailing list your IP is in the mail
headers.
I remember my early forays into the net. Almost any time you did a
public post, you'd see a slew of connected attempts reported by the
firewall, very shortly after. Bots watch public arenas, and just
automatically tried to penetrate any addresses they thought were
currently on-line.
And that is pretty much the point. I can't think of anyone that would go through the
trouble of unpacking pcap output to find IP addresses they could attack. They either
farm IP addresses from emails, dns queries, or just plain find blocks of IP addresses
to attack.
To this observation, add the fact that I have a few systems which are "open" for the
express purpose of cataloging where ssh attacks are sourced. The systems I have
are both IPv4 and IPv6. All attacks have been against IPv4. In over a year of these
systems supporting IPv6 there have been Zero attacks on those addresses.
---
The key to getting good answers is to ask good questions.
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx