Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

I'm under an ssh attack, how do I stop it?

Featured Replies

Does unraid have the function to automatically disable IP?

image.png.66e93fbcbe9481a244faec2d0e30def6.png

 

image.thumb.png.68e65bb127c251974a967a29216108ab.png

 

How to set up ip blacklist in unraid?

 

The strange thing is that I didn't open these ports on the router.

Edited by ClydeLin

Solved by itimpi

  • Community Expert

Do you have your server in the router DMZ?  If not I do not see how those ssh requests are reaching the server.

  • Author
11 minutes ago, itimpi said:

Do you have your server in the router DMZ?  If not I do not see how those ssh requests are reaching the server.

I did use port forwarding, but I only forwarded the required ports

 

Screenshot_20240812_193345_Chrome.jpg

  • Author

is any way can automatic block ip in unraid?

  • Community Expert
  • Solution

blacklisting an IP is not really a solution as it does not stop an attack from a different one.
 

Unraid is not hardened against internet attacks.   If you want to allow access from the internet then a better solution would be to only allow access via a VPN (such as the WireGuard one built into Unraid or an alternative such as Tailscale. ) so that there is no direct access from the internet to vulnerable ports.  Then you do not need to have many ports forwarded in the first place.

  • Author
7 minutes ago, itimpi said:

blacklisting an IP is not really a solution as it does not stop an attack from a different one.
 

Unraid is not hardened against internet attacks.   If you want to allow access from the internet then a better solution would be to only allow access via a VPN (such as the WireGuard one built into Unraid or an alternative such as Tailscale. ) so that there is no direct access from the internet to vulnerable ports.  Then you do not need to have many ports forwarded in the first place.

I agree with you.I will try this way.

  • Author

Hi @itimpi

I turned off all port forwarding

 

Can I have a bit question? 

I saw this line in system log

 

Aug 12 19:57:25 UNRAID sshd[4048]: srclimit_penalise: ipv4: new 91.92.249.229/32 deferred penalty of 5 seconds for penalty: failed authentication

 

Can I set the penalty time to other values(5h or 5day)?

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.