• 1 Post
  • 14 Comments
Joined 1 year ago
cake
Cake day: June 16th, 2023

help-circle

  • tmjaea@lemmy.worldtoSelfhosted@lemmy.worldNetwork Switch
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 month ago

    The loss did occur on simple ping commands, only on 2 out of 5 ports. The vendor confirmed the behavior to be faulty and took the switch back.

    Maybe it was just a faulty model? However I do use multicast in my network (corosync) and a lot of 10G switches seem to have problems with that, maybe this was the case here, too.

    The exact model is TRENDnet 5-Port 10G Switch, 5 x 10G RJ-45-Ports and there sure seem to be quite some people having issues as well…





  • Just my 2 cents:

    1. Proxmox. Flexibility for both new services via VM/LXC and backups (just install proxmox backup server alongside and you get incremental backups with nice retention settings, file-restore capabilities as well as backup consistency checks)

    2. If it’s in a VM/container you don’t need to worry about backups, see 1.

    3. In this case isn’t it sufficient to be able to access the data via Windows network?


  • Yes,

    It does not work. Additionally, the ubiquity switch does not sync with 10gbit/s to one of the qnap switches (I tested with different cables and ports, but the led on the qnap stays orange, indicating connection speed lower than 10gbit/s)

    As I’m maybe returning the switch due to the problems I hesitate to register it to access settings. Jumbo frames settings could actually be the solution. But with the problem mentioned in the first paragraph I’m not sure. A 300€ device should just work IMHO…

    Thanks for the suggestion with ping, I will test it.







  • Very interesting, thanks for sharing!

    I know it’s just anecdotal evidence, however fail2ban in my one machine which does need ssh on port 22 to the open internet bans a lot of IPs every hour. All other ones with ssh on a higher port do not. Also their auth log does not show any failed attempts.


  • tmjaea@lemmy.worldtoSelfhosted@lemmy.worldHave I been DoS'd?
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    1
    ·
    edit-2
    1 year ago

    The points I made should not be used instead of all other security precautions like prohibited password login, fail2ban and updates, I thought that is common knowledge. It’s additional steps to increase security.

    I disagree that changing the port is just security by obscurity. Scanning ips on port 22 is a lot easier than probing thousands of ports for every IP.

    The reason people do automated exploit attempts on port 22 is because it is fast, cheap and effective. By changing the port you avoid these automated scans. I agree with you, this does not help if someone knows your IP and is targeting you specifically. But if you’re such a valuable target you hopefully have specialized people protecting your IT infrastructure.

    Edit: as soon as your sshd answers on port 22, a potential attacker knows that the IP is currently in use and might try to penetrate. As stated above, this information would most likely not be shared with the automated attacks if you used any random port.


  • tmjaea@lemmy.worldtoSelfhosted@lemmy.worldHave I been DoS'd?
    link
    fedilink
    English
    arrow-up
    6
    arrow-down
    2
    ·
    1 year ago

    I can’t help much regarding the service denial issue.

    However Port 22 should never be open to the outside world. Limiting to key authentication is a really good first step.

    To avoid automated scans you should also change the port to a higher number, maybe something above 10,000.

    This both saves traffic and CPU. And if a security bug in sshd exists this helps, too.