@@rolandgregory7094 🤦‍♂️ don't be a creeper Roland.

Roland George fuck off roland

@@rolandgregory7094 oof bot

The man that never blinks

He js your girlfriend 😂😂😂

brilliant

I blink often but I stared long enough to see him blink 😂

Because boobs are great? 🤷

@@user-vn7ce5ig1z can't argue with that

Because he’s the 🐐

boob

because maturity, that's why. right?

@Losko Meh, that's more a "Security through obscurity" thing. It does next to nothing for a determined "hacker"

@Losko That's where we disagree: Step #4 doesn't CONSIDERABLY reduce the "impact surface". It MARGINALLY, if at all, reduces the "impact surface". With tools like nmap you can scan all ports in a matter of seconds and if your system is connected to the public internet then tools like Shodan make it so easy even kids can find your "hidden" SSH service. (See security.stackexchange.com/a/189738/3992 )

any half decent hacker will just use a botnet to bruteforce the credentials so banning IP does nothing really. Especially when someone has hundreds of thousands of telnet devices on their net.

@@Sythorize Ofcourse it does, it limits the number of attempts to X for each and every IP. Yes, your banned IP list will grow big, but it's still better than keep allowing each IP to try again and again and again.

@@Rob_III yeah but it’s useless

I was expecting *this video for quite *a long time. Just a correction in case you're learning English as a second language.

what if they use vpn?

you can easily allow to access only in a range of ip addresses

@@pie5233 i do that, only allow ssh connection from the ip that i usually connect

That's good enough

Does using an SSH .rsa key instead of a password make it harder or easier? If you gained like a meterpreter shell into one computer, couldn't you theoretically just find the .rsa SSH credentials?

@@uniquechannelnames Attacking a remote system with passwords can be done by anyone anywhere. To hack a system protected with key based security, you must actually find the private key which is something that even the secured machine will not possess. This means the attacker must first successfully hack the admin’s machine to get the key. This is also why you should protect your private keys with a supplemental security layer. A keychain, password manager, or even simple password can make this impractical for all but the most dedicated hackers.

did you find the solution ? I have the same problem

Good idea Mitu Jangra, I've added it to the list of video ideas.

To defend against this, as Kody said, you can use an obscure username (disable root/admin ssh logins), use a different port and use a strong password or - even better - use a private key. You can also set fire wall rules that either limit how many login attempts are allowed per minute or deny access to the source IP after a certain number of failed attempts within a time period. On my box, I only allow ssh access for a named user using a private key and that's successfully defended me for years. Recently I added a firewall rule (3 lines actually) to boot people after 4 failed attempts within a minute 'cause my logs were filling up with failed login attempts.

Commercially: Certificate based auth, but that requires you to set up a PKI infrastructure which is a bit beyond the personal use so... Personally: switch to Public Key auth, disable root login, use ip tables to limit connections, install and configure 2fa (Google authenticator is free). You can still brute force public keys (if you have a collection of them - say HDMoore's collection of Debian weak prng generated keys) using something like crowbar but it's not likely that your key generated by a modern operating system is going to be in that collection. Password auth itself needs to die in a fire.

@@lmaoroflcopter agreed but without Google if you change phone or worst lose it, your screwed. Lost access to several places for a few days. Cloud based authentication is the way to go imo

@@christopherirving7685 that's why you back up your backup codes to something that isn't your phone, and Google Auth, is just an open source implementation of TOTP. Use a yubikey to store the seed and it isn't even linked to a phone. You've also almost always got some access via a providers ILO or serial console system, or in the case of home hosted - physical access to the device, too in order to recover from.any derps. But cloud based Auth is interesting, though I'd argue that's a bit beyond the individual and more a corporate solution, but along the same lines Netflix also publish their own solution for certificate based auth, that runs in aws lambda.

@@lmaoroflcopter I backed up to something that was stolen I'm just pointing out a flaw many don't take into account. Lost access to coinbase and wallets. But yes I now backup to more than one location :) thanks for the comment

can you ssh into a Minecraft server? would people keep a ssh port open?

I think that as long as you have the IP of the target. You have their IP, you scan for open port 22 and just brute force it. Give me your IP and I will try if it works lol

You can't. Coz you use Windows and he uses Linux! Lol

i personally use this one: Alfa AWUS036ACH

The actual aircrack-ng FAQ suggests the following - please keep in mind that the model suggested by the comment above might crash your kernel! • Alfa AWUS036ACH (a/b/g/n/ac) is the best performing card, but the driver can be unstable enough to crash your kernel. • Alfa AWUS036ACM (a/b/g/n/ac) is the highest performing of the STABLE devices, but it requires kernel 4.19.5 or higher, and the driver doesn't work on the Raspberry Pi 3 yet; it works on the Raspberry Pi 4.

I don't think termux can do any of it, considering the fact that termux does not support rooting.

It shouldn't. iptables should kick in and make the attacking computer think that the server is now offline and wont respond to pings. But I could be wrong. I run fail2ban on all my servers though! Currently at 37678 Blocked IP addresses :D

@@misfitsman805 hectic! Would be cool to build a dmz in front and drop a honeypot in there. See what these bots/peeps are up to. I also block with fail2ban but have a static IP at home so could just whitelist. Instead though, there's this port knocking tool, can't recall the name but it works like a dream.

Network services are disabled by default in Kali. To enable them, try "sudo systemctl network.service start". It is disabled by default as a computer looking for a wifi is exposed, so it gives out its location. Also you may need a wifi dongle if your laptop does not support it. Hope this helps. (P.S. Don't do anything *illegal or criminal,* and if you are scanning ports, use proxychains to hide your ip and prevent dns leaks.)

@@l0_0l45 thank you friend

Came here to say this - it sounds like it's recorded under water with a muffler over the potato microphone.

Got me twice! 😂😭

Same here, but I also tarpitted ssh access 'cause my logs were filling up with scans and hack attempts. Three lines in iptables and my logs are much cleaner.

@@dingokidneys where can I find the logs on whose trying to loging and scans?

@@RakshithPrakash The Linux logs are either in /var/log or accessible by 'journalctl' if you have a systemd distro. To check what's happening on ssh you can do either: $ grep sshd /var/log/auth.log or $ journalctl -u ssh

na

Me

i don't think 13 yo teens know anything about ssh or how to use it, script kiddies won't go near that sort of thing.

I like to know what I'm up against and if there's anything new on the battlefront.

Hoovy Of wisdom for these dumb kids, wireshark is the closest they get to hacking, legit, they think they can see the whole internet and what they are doing with a network trafficking tool. None of them will be bothered to learn scripting and just randomly find fake hacks pop up in their feed then show their friends to make them look like black hats. Freaking twats.

lmao