endlessh
Pritunl
Our great sponsors
endlessh | Pritunl | |
---|---|---|
40 | 34 | |
6,868 | 4,288 | |
- | 0.9% | |
0.0 | 9.0 | |
10 months ago | 3 days ago | |
C | Python | |
The Unlicense | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
endlessh
-
Why so many bots?
You can reduce the noise a lot by moving ssh to a non standard port. Security through obscurity isn't actually security, but it will reduce the number of attempts you receive. Another thing I like to do is put Endlessh on the standard port 22. That way as bots go by they will get stuck or at least slow down on that connection.
-
Is SSH secure enough?
SSH tarpit with Endlessh and for the hidden SSH: auth with both a key files (that need unlocking and is on the computer) AND an One Time Password on my phone.
-
"Failed password for root" SSH login hacking attemp?
If you change the ssh port, install https://github.com/skeeto/endlessh to slow down the attackers
-
ChatGPT doxes itself
Even this requires you to successfully guess the username and password correctly, and if it's just not the default most people won't bother brute forcing further. Sidenote: you can use endlessh on a computer and port forward port 22 to trap scanners that scan the entire internet for open ssh ports to exploit.
-
Ssh brute force attack with fail2ban.
The fun way is moving your ssh port somewhere else and installing endlessh to f the bots.
-
Security for your Homeserver
Such as endlessh
-
Keep it tight everyone! This is a day of sshd logs from a proxy server in China pinging my SSH server and trying every username imaginable. Does anyone have any tips to increase security?
But, as a prank to Chinese hackers, what I did on my system was to run endless ssh. It keeps the ssh client busy as it slowly sends the ssh banner. I modified the code to send strings like:
-
VPN to remotely access dockerized services
For hardening: I use lynis for some guidance, the VPS runs rkhunter, AIDE and other things nightly and mails me the reports, fail2ban manages the SSH port, having SSH on a custom port helps to keep things quiet. If you're into these kind of things, have a look at the Endlessh tarpit to learn about login attempts on port 22 on your machine - I found it eye-opening.
- Any app out there to trap port scanners?
- Mein Server wird für Bruteforce Attacken genutzt, was kann ich tun?
Pritunl
-
OpenVPN access server alternative
Also check Pritunl
-
VPN solution backed by Google Identity?
It doesn't run on OpnSense but Pritunl's paid version supports Google SSO. Works well. Easy client deploy.
-
Road warrior VPN to multiple sites, with MFA
https://pritunl.com/ Might do the trick for you.
-
Lansweeper updating their subscription plans as of August 1, 2022...
Went to pritunl. Self-hosted.
-
So I've installed grafana, loki, and prometheus on the personal Kubernetes cluster via Terraform. Now what?
Thanks! I currently run Pritunl on the cluster, but I could definitely host my resume on there as well. I could stand to learn tools like https://locust.io or Bees With Machines Guns as a load testing exercise for sure. I will dive into it!
-
Suggestions for VPN gateway appliance for SOHO.
I personally use Pritunl at home. It works quite well and is push button simple to set up for a basic configuration. https://pritunl.com/
-
Setup a VPN on AWS
I use Pritunl. Very simple to install and manage. And its free https://pritunl.com/
-
Wireguard Server GUI?
Pritunl
-
Open-source VPN Web Portal?
Pritunl has been pretty good for me. OpenVPN performance is pretty solid and it's really easy to configure and manage users.
-
Self hosted TCP VPN easily?
Wireguard is UDP natively, do use the TCP option in OpenVPN. It installed easily. Here’s one tool that makes installation and management easy https://pritunl.com/
What are some alternatives?
opencanary - Modular and decentralised honeypot
OpenVPN - OpenVPN is an open source VPN daemon
sshesame - An easy to set up and use SSH honeypot, a fake SSH server that lets anyone in and logs their activity
SoftEther - Cross-platform multi-protocol VPN software. Pull requests are welcome. The stable version is available at https://github.com/SoftEtherVPN/SoftEtherVPN_Stable.
cowrie - Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io
Nebula - A scalable overlay networking tool with a focus on performance, simplicity and security
docker-swag - Nginx webserver and reverse proxy with php support and a built-in Certbot (Let's Encrypt) client. It also contains fail2ban for intrusion prevention.
Pritunl-Fake-API - This neat script provides a little fake API to unlock all premium/enterprise/enterprise+ (here called ultimate) features of your own Pritunl VPN server. A mirror of https://gitlab.simonmicro.de/simonmicro/pritunl-fake-api
minerstat-os - msOS - Open Source Mining OS. Repository moved, no longer using github
ssh-audit - SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
geoip-blocking-w-firewalld - Block unwanted countries IPv4 & IPv6 ranges with firewalld using ipdeny.com
firezone - Open-source VPN server and egress firewall for Linux built on WireGuard. Firezone is easy to set up (all dependencies are bundled thanks to Chef Omnibus), secure, performant, and self hostable.