August 12, 20241 yr Does unraid have the function to automatically disable IP? How to set up ip blacklist in unraid? The strange thing is that I didn't open these ports on the router. Edited August 12, 20241 yr by ClydeLin
August 12, 20241 yr Community Expert Do you have your server in the router DMZ? If not I do not see how those ssh requests are reaching the server.
August 12, 20241 yr Author 11 minutes ago, itimpi said: Do you have your server in the router DMZ? If not I do not see how those ssh requests are reaching the server. I did use port forwarding, but I only forwarded the required ports
August 12, 20241 yr Community Expert Solution blacklisting an IP is not really a solution as it does not stop an attack from a different one. Unraid is not hardened against internet attacks. If you want to allow access from the internet then a better solution would be to only allow access via a VPN (such as the WireGuard one built into Unraid or an alternative such as Tailscale. ) so that there is no direct access from the internet to vulnerable ports. Then you do not need to have many ports forwarded in the first place.
August 12, 20241 yr Author 7 minutes ago, itimpi said: blacklisting an IP is not really a solution as it does not stop an attack from a different one. Unraid is not hardened against internet attacks. If you want to allow access from the internet then a better solution would be to only allow access via a VPN (such as the WireGuard one built into Unraid or an alternative such as Tailscale. ) so that there is no direct access from the internet to vulnerable ports. Then you do not need to have many ports forwarded in the first place. I agree with you.I will try this way.
August 12, 20241 yr Author Hi @itimpi I turned off all port forwarding Can I have a bit question? I saw this line in system log Aug 12 19:57:25 UNRAID sshd[4048]: srclimit_penalise: ipv4: new 91.92.249.229/32 deferred penalty of 5 seconds for penalty: failed authentication Can I set the penalty time to other values(5h or 5day)?
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.