Brute Force Attack - Questions

francoischevel · June 19, 2015, 5:17am

Hello!

So I installed miab on the 6th of this month and I noticed that since the 14th (4 days now) there have been consistent invalid logins from various IP addresses every 5 minutes or so.

So, I finally removed password login to be safe, and only public key access is allowed now.

My question was:

Am I relatively safe now?
Why am I the target? How did they find me?
Do these attempts increase my charges on DigitalOcean?

Thanks in advance!

Also, yesterday morning I received an odd email (in the same email I have miab) in Russian, asking me to sign up for some service for my server. (Interestingly I have a degree in Russian Studies, so it was an interesting coincidence.)

Thank you!

JoshData · June 19, 2015, 10:49am

Yes. This is quite common. I think they’ll just go through as many IP addresses as they can until something works.

Do these attempts increase my charges on DigitalOcean?

I don’t think so. It’s not very much bandwidth.

Also, yesterday morning I received an odd email (in the same email I have miab) in Russian

Also common. The Internet is full of scams.

francoischevel · June 19, 2015, 4:59pm

Thanks Josh! I feel much better now!