On Thu, 09 Feb 2017 00:06:01 +0000, Albert Redditt wrote:
> Can you guys at SUSE make it so the firewall can be set to deny all
> filesystem requests??
>
> So hackers can’t view the filesystem.
That’s not how a firewall works. Unless you’re talking about the SAMBA
service or NFS or something - in which case, it’s likely a configuration
issue rather than a firewall issue.
> Can you guys at SUSE make it so that the firewall can be set to deny all
> remote logins… so only the loopback 127 can login.
Again, without knowing the services you’re using, this actually doesn’t
make a lot of sense.
> I just instaqlled Leap 42.2 and got hacked the minute it connected to
> the internet…
I find that difficult to believe. The default is not to open any ports -
when I’ve set up NFS or SAMBA, I’ve had to configure the firewall to open the necessary ports.
So, I’m with Malcolm - what evidence do you have that your system was
“hacked the minute it connected to the internet”?
I’ve been running openSUSE with shared filesystems in my private network
for years, and have never had it hacked - and generally, I’ve just used
the default configurations in conjunction with the firewall in my router.
Hi!
I confess that I have been hacked once. It was webmin on my main server. It never raised any more privileges then the user webmin.
I do not have any interesting on what I published to the net. Oho, I will not write about my mail server logs and spam.
Lets see on my main server…
Last failed login: Fri Feb 10 11:56:55 CET 2017 from 116.31.116.45 on ssh:notty
There were 665 failed login attempts since the last successful login.
Last login: Thu Feb 9 16:19:05 2017 from 192.168.0.20
Have a lot of fun...
On one of VM that includes Axigen mailserver, nextcloud:
Last failed login: Fri Feb 10 12:04:33 CET 2017 from 113.195.145.13 on ssh:notty
There were 56 failed login attempts since the last successful login.
Last login: Thu Feb 9 16:16:20 2017 from 192.168.0.20