Was I the target of a successful attack?
-
I know…. but you can enable/disable it via the gui and via console.
It doesnt work disabling it via the GUI. Only via the console...
-
What's IT?!
-
SSH :)
-
Before disabling SSH via GUI:
# netstat -an | grep .22 tcp4 0 0 *.22 *.* LISTEN tcp6 0 0 *.22 *.* LISTEN
After disabling SSH via GUI:
# netstat -an | grep .22 #
Re-enabling SSH via console:
# netstat -an | grep .22 tcp4 0 0 *.22 *.* LISTEN tcp6 0 0 *.22 *.* LISTEN
and checking back the GUI:
-
Doesnt work here…
-
P.S. None of this protects against DDoS. Not possible. Won't save your WAN from crashing.
This x 1000. I don't know why so many people incorrectly think that a simple firewall rule can mitigate a DDoS attack. I guess someone should tell the netops over at Sony and MS that they should add a firewall rule to stop their entire gaming networks from being blown offline like what happened a week or two ago…
-
It doesnt stop it or prevent it…
It handles it and doesnt interfere with normal services.
And dont let the security at Sony disturb you at night....if North Korea can get in, everyone can....
-
@KOM:
P.S. None of this protects against DDoS. Not possible. Won't save your WAN from crashing.
This x 1000. I don't know why so many people incorrectly think that a simple firewall rule can mitigate a DDoS attack. I guess someone should tell the netops over at Sony and MS that they should add a firewall rule to stop their entire gaming networks from being blown offline like what happened a week or two ago…
But depending on how your internal network is setup, the initial ddos on the wan could trigger a cascade of network activity which can slow the slower or under heavy load lans as well. With virtualisation becoming more common, the increased activity could also swap some cpu's as well.
-
Thats why you have sinkholes and load balanced servers ;)
-
When you can afford it.
Sadly I dont have GCHQ's or the NSA's budgets. ;)