Re: [tor-relays] SSH scans from Tor exit

I first thought that the numerous complaints of my VPS being the source of the SSH (outgoing) attacks was that I hadn't done the things you suggested below and been 'hacked' but now one VPS business has looked at the VPS processes and said it must be coming out of Tor as I run an exit.

So I am asking whether this is rare or am I not doing something which others are doing? Is it just a matter of removing SSH from the already long list of port limitations?

Robert

Could you explain with more details? Your question is not totally clear.

If your VPS is being SSH brute forced there are many ways to protect:

• • make hostbased authentication or use keys instead of password-based

authentication

• • install fail2ban to ban IPs after "x" wrong passwords
• • make sure you put a very strong password, seriously
• • disable root login via ssh
• • if you have a VPS made with KVM you can disable SSH access at all

and use the javaconsole from the VPS panel?