As someone else who used to host via an open port, you get random connections all the time. Almost constantly and the request paths make it obvious they are scanning for vulnerabilities. Via cloud flare the number of those requests is much lower, as they have to know at least the DNS to do so, (and can’t guess it from a presented SSL cert.)
Yeah, I see random https and other connections all the time blindly scanning for vulnerabilities. Not enough to cause any real problems though. One time I publicly exposed redis or rabbitmq (can’t remember which) and didn’t set a password, so someone set a password for me :). That’s about the worst that’s happened to me.
It’s the reason I set up cloudflare in the first place, so yeah. I was getting SYN flood-ed to the point that my router would just crash almost immediately, and after rebooting it the attack would resume after a minute or two.
Even if the SYN packets were being ignored, the connection would still be unusable if there’s enough incoming traffic for most legitimate packets to get dropped. And as mentioned in other comments, the router in question is a shitty ISP router which can’t be replaced (although I do have a much fancier router with OpenWRT running behind that).
@DaPorkchop_@lemmy.ml@memes@lemmy.world Hm weird, I don’t see why they would spend their resources attacking random people without any kind of demand. Even at work I’ve never seen one happening.
I still believe Cloudflare has most of its customers because of fearmongering tbh.
@Alaknar@sopuli.xyz@memes@lemmy.world Being proactive doesn’t mean you have to hide your personal service behind a billion dollar company. That is precisely the kind of overreaction triggered by fearmongering. If you don’t know how to secure access points or harden configurations, no service will be able to do it for you as if by magic. Not to mention your responsibility towards your users, who may not want to be tracked by a third-party company without their knowledge every time they visit your site (or half of the internet by now).
@DaPorkchop_@lemmy.ml @memes@lemmy.world Is that an actual issue or a hypothetical one? I’ve never had an attack in 10 years of publicly hosting stuff.
As someone else who used to host via an open port, you get random connections all the time. Almost constantly and the request paths make it obvious they are scanning for vulnerabilities. Via cloud flare the number of those requests is much lower, as they have to know at least the DNS to do so, (and can’t guess it from a presented SSL cert.)
Yeah, I see random https and other connections all the time blindly scanning for vulnerabilities. Not enough to cause any real problems though. One time I publicly exposed redis or rabbitmq (can’t remember which) and didn’t set a password, so someone set a password for me :). That’s about the worst that’s happened to me.
It’s the reason I set up cloudflare in the first place, so yeah. I was getting SYN flood-ed to the point that my router would just crash almost immediately, and after rebooting it the attack would resume after a minute or two.
Get a router that has flood protection? This is like… Extremely basic network protection.
OpenWRT has had configurable syn-flood protection (enabled by default) since like 2010.
Even if the SYN packets were being ignored, the connection would still be unusable if there’s enough incoming traffic for most legitimate packets to get dropped. And as mentioned in other comments, the router in question is a shitty ISP router which can’t be replaced (although I do have a much fancier router with OpenWRT running behind that).
@DaPorkchop_@lemmy.ml @memes@lemmy.world Hm weird, I don’t see why they would spend their resources attacking random people without any kind of demand. Even at work I’ve never seen one happening.
I still believe Cloudflare has most of its customers because of fearmongering tbh.
It’s a bit like saying “having a password on your account is fearmongering, why would anyone try to access your data”.
It’s only fearmongering until you get attacked, and it’s already too late when you do. Better to be proactive.
@Alaknar@sopuli.xyz @memes@lemmy.world Being proactive doesn’t mean you have to hide your personal service behind a billion dollar company. That is precisely the kind of overreaction triggered by fearmongering. If you don’t know how to secure access points or harden configurations, no service will be able to do it for you as if by magic. Not to mention your responsibility towards your users, who may not want to be tracked by a third-party company without their knowledge every time they visit your site (or half of the internet by now).