ClydeLin Posted August 12 Share Posted August 12 (edited) Does unraid have the function to automatically disable IP? How to set up ip blacklist in unraid? The strange thing is that I didn't open these ports on the router. Edited August 12 by ClydeLin Quote Link to comment
itimpi Posted August 12 Share Posted August 12 Do you have your server in the router DMZ? If not I do not see how those ssh requests are reaching the server. Quote Link to comment
ClydeLin Posted August 12 Author Share Posted August 12 11 minutes ago, itimpi said: Do you have your server in the router DMZ? If not I do not see how those ssh requests are reaching the server. I did use port forwarding, but I only forwarded the required ports Quote Link to comment
ClydeLin Posted August 12 Author Share Posted August 12 is any way can automatic block ip in unraid? Quote Link to comment
Solution itimpi Posted August 12 Solution Share Posted August 12 blacklisting an IP is not really a solution as it does not stop an attack from a different one. Unraid is not hardened against internet attacks. If you want to allow access from the internet then a better solution would be to only allow access via a VPN (such as the WireGuard one built into Unraid or an alternative such as Tailscale. ) so that there is no direct access from the internet to vulnerable ports. Then you do not need to have many ports forwarded in the first place. Quote Link to comment
ClydeLin Posted August 12 Author Share Posted August 12 7 minutes ago, itimpi said: blacklisting an IP is not really a solution as it does not stop an attack from a different one. Unraid is not hardened against internet attacks. If you want to allow access from the internet then a better solution would be to only allow access via a VPN (such as the WireGuard one built into Unraid or an alternative such as Tailscale. ) so that there is no direct access from the internet to vulnerable ports. Then you do not need to have many ports forwarded in the first place. I agree with you.I will try this way. Quote Link to comment
ClydeLin Posted August 12 Author Share Posted August 12 Hi @itimpi I turned off all port forwarding Can I have a bit question? I saw this line in system log Aug 12 19:57:25 UNRAID sshd[4048]: srclimit_penalise: ipv4: new 91.92.249.229/32 deferred penalty of 5 seconds for penalty: failed authentication Can I set the penalty time to other values(5h or 5day)? Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.