Mar 172025
Today, I did a test login to my own server using the root account. The root account is almost never used for this purpose. I have not used it since, well, since April 28, 2020 it appears. Others, however, tried:
# ssh localhost Last failed login: Mon Mar 17 01:27:21 EDT 2025 from 218.211.171.143 on ssh:notty There were 181737 failed login attempts since the last successful login. Last login: Tue Apr 28 17:33:43 2020
Now imagine: if my itty-bitty public-facing server gets this many probing attacks (roughly 100 attempts per day on average), what do large service providers face? Madness and chaos, that’s what.
And of course attempts to log in as root through ssh are by no means the only forms of attack that my server must deal with.