Anybody who’s ever exposed any service to the internet knows this as the “background radiation” of the net. My boxes get thousands of random connection attempts per day. The best practice for years has been to use keypairs and/or VPNs. Friends don’t let friends expose RDP to the web.
I had a little linux server years ago and after a setup forgot to change my SSH port. One day I noticed my network was slow and after poking around realized that I had someone knocking at my port trying pass after pass with like 15 - 30 sec between attempts, watched this person for 2 days laughing at the 8-10 char passwords they were using, my password was a sentence. I then shifted the port to the 30k range and all was silent on my ports, always remember to change default ports, fun times
Anybody who’s ever exposed any service to the internet knows this as the “background radiation” of the net. My boxes get thousands of random connection attempts per day. The best practice for years has been to use keypairs and/or VPNs. Friends don’t let friends expose RDP to the web.
I had a little linux server years ago and after a setup forgot to change my SSH port. One day I noticed my network was slow and after poking around realized that I had someone knocking at my port trying pass after pass with like 15 - 30 sec between attempts, watched this person for 2 days laughing at the 8-10 char passwords they were using, my password was a sentence. I then shifted the port to the 30k range and all was silent on my ports, always remember to change default ports, fun times
I had a website exposed to the net and would constantly get http requests for things like “wordpress_admin.js”