[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Sks-devel] Just coincidence or targeted attack?
|
From: |
Jeremy T. Bouse |
|
Subject: |
[Sks-devel] Just coincidence or targeted attack? |
|
Date: |
Sun, 18 May 2014 16:34:20 -0400 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Icedove/24.5.0 |
Has anyone else noticed an increase in exploitation attempts against
your SKS server(s) or am I just looking at pure coincidence that I've
had all 3 of my SKS nodes have an increasing rise in attack vectors
coming from the China and Indonesia blocks of 222.184.0.0/13 and
203.81.248.0/22 over the past 24 hours. The rest of my servers haven't
been receiving the same attack vectors so it appears targeted at SKS
directly.
I've checked on my servers and they are still secure and my
countermeasures and detection methods have been successful thus far.
Right now the only accessible ports on these machines are SSH and SKS
that is reverse proxied through nginx so they have limited angles to
attack. I've had over half the attempts made this month made in the past
24 hour period so far.
signature.asc
Description: OpenPGP digital signature
- [Sks-devel] Just coincidence or targeted attack?,
Jeremy T. Bouse <=