You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This would be very useful! I've recently started to harden my server (focusing on sshd) with fail2ban, which has massively reduced the amount of spam in my journal, so I'm now noticing other suspicious activity, such as:
Feb 28 00:04:22 alarm umurmurd[365]: WARN: SSL error: error:00000005:lib(0):func(0):DH lib
Feb 28 00:08:26 alarm umurmurd[365]: WARN: SSL error: error:00000001:lib(0):func(0):reason(1)
Feb 28 00:08:26 alarm umurmurd[365]: WARN: SSL negotiation failed with 178.79.xxx.xxx on port 35758
Feb 28 00:08:32 alarm umurmurd[365]: INFO: Connection closed by peer - [1] @178.79.xxx.xxx:38102
Feb 28 00:08:33 alarm umurmurd[365]: WARN: Msg_networkToMessage: Unsupported message 12420
repeated for many similar IPs and ports for about half an hour every couple of days.
Hey!
I think it would be helpful to document a fail2ban config/filter so umurmur users can harden their installs.
Cheers!
The text was updated successfully, but these errors were encountered: