- Joined
- Oct 20, 2009
- Messages
- 2,873 (0.54/day)
- Location
- Corpus Christi, Texas
System Name | FumoffuFumoffu |
---|---|
Processor | Intel i7 4770K |
Motherboard | Gigabyte Z87X -UD3H |
Cooling | Corsair H100i |
Memory | 16GB DDR3 1600 Crucial Ballistix |
Video Card(s) | Sapphire AMD Radeon HD 7970 OC |
Storage | 1- WD 500GB 1- Samsung F2 1.5TB 1- Crucial M4 128GB SSD 1-256GB ADATA XPG SX900 ASX900S3 SSD |
Display(s) | Hanns-G HZ281HPB 27.5'' 3ms Full HD 1920x1200 WideScreen LCD Monitor |
Case | Corsair Graphite Series 600T |
Audio Device(s) | Creative Soundblaster X-Fi Titanium |
Power Supply | Corsair HX 750W Gold |
Software | Windows 7 Pro x64 |
Hey guys,
So I was running a Debian 8.x server for my media collection (emby). I could remote SSH in and access my media library via Emby from any web connection after logging in.
Recently, my Debian install took a nose dive after an update. So I decided to switch to Fedora 24 server. I also found out from my ISP that the reason my network keeps dropping on me is that someone has been attempting to Brute-Force my SSH server as well as being hit by a Blat Attack (DoS attack) several times a day.
As my server is setup now with SELinux (Permissive - for Sonarr and Nzbget), I can no longer remotely login to SSH nor to my Cockpit or Emby servers.
I want to know what you guys recommend I setup my SSH with for security and remote access. I have of course changed the SSH port and disabled Root login. I have considered trying to do the 3 or 4 factor SSH authentication method but am unsure if I should just carry a thumb drive around with the keys on it or not.
I also have Fail2ban installed and configured.
Would someone like to walk me through setting up remote access and security for my server?
The following Services and ports need remote access:
Another potential service and port I am considering setting up is HTPC Manager - port 8085
I appreciate the assistance. I really hope I can kill off this Blat Attack and Brute Force attack annoyance.
So I was running a Debian 8.x server for my media collection (emby). I could remote SSH in and access my media library via Emby from any web connection after logging in.
Recently, my Debian install took a nose dive after an update. So I decided to switch to Fedora 24 server. I also found out from my ISP that the reason my network keeps dropping on me is that someone has been attempting to Brute-Force my SSH server as well as being hit by a Blat Attack (DoS attack) several times a day.
As my server is setup now with SELinux (Permissive - for Sonarr and Nzbget), I can no longer remotely login to SSH nor to my Cockpit or Emby servers.
I want to know what you guys recommend I setup my SSH with for security and remote access. I have of course changed the SSH port and disabled Root login. I have considered trying to do the 3 or 4 factor SSH authentication method but am unsure if I should just carry a thumb drive around with the keys on it or not.
I also have Fail2ban installed and configured.
Would someone like to walk me through setting up remote access and security for my server?
The following Services and ports need remote access:
- Emby Server - Port 8096
- Cockpit Manager - Port 9090
- Sonarr Daemon - Port 8989
- Nzbget Daemon - Port 6789
- SSH - Port TBD
- No-IP Client for DDNS
Another potential service and port I am considering setting up is HTPC Manager - port 8085
I appreciate the assistance. I really hope I can kill off this Blat Attack and Brute Force attack annoyance.
Last edited: