Our ns1.grapheneos.org DNS server was targeted by a DoS attack yesterday. They didn't target the DNS service but rather... SSH. That's a new one.
Can see the traffic spike but it was hardly anything compared to the usual attacks. Still, SSH buckled.
nodeping.com/reports/status
Conversation
Replying to
Reported a similar incident yesterday as well as someone was trying to bruteforce SSH passwords on System76 servers.
Quote Tweet
Someone at 60.49.119.235 is trying to brute force SSH passwords with the usernames "admin" and "default". Should I let them know those usernames don't exist and this server only has key auth and it would take them until the heat death of the universe on their potato to crack?
Show this thread
1
There are always endless password brute force attempts but there's only key authentication. OpenSSH still pretends to support password authentication. That's quite different from a DoS attack on it though.