Security by obscurity — NOT!

As you can see in the posts below I switched internet service providers on Monday of this week. As a result I received a different block of IP addresses than I had before.

I have always heard that it only takes a few minutes for an attack to start on a computer – or any other device like phones and tablets – that is newly connected to the Internet. I determined to see how many (not if) script-kiddie attacks via SSH took place on the first full day after the changeover.

During the full day after getting new IP addresses, I experienced a total of 1634 attack attempts from 37 different IP addresses. I obtained this information from the Logwatch tool which I describe in volumes 2 and 3 of my “Using and Administering Linux: Zero to SysAdmin” series of books.

The crackers behind these attempts are not just searching for new computers to attack. They make the assumption that there is a computer at every IP address and attack regardless. If there is no computer at one IP address they move on to the next.

The point is that your computer or device is not safe just because it was connected to the internet five minutes ago. There are constant attacks going on and your device needs to be protected before it is connected.

Note that this is only one type of attack. There are many others that I did not even consider in this post.

Commands I use to explore Linux filesystems

Why VirtualBox is my goto Hypervisor

How to generate good passwords with pwgen

Converting to BtrFS

13 years is a long time for a laptop

Problems updating QT5 on Fedora 43

Fedora 43 breaks my books

Electric nonsense

Installing Fedora 43 Minimal on a Raspberry Pi

Security by obscurity — NOT!

How to generate good passwords with pwgen

A caution about using sudo

Rethinking su vs sudo

Getting Started with SELinux

New Linux vulnerabilities allow access to critical data

Linux and Security