|
|||
cyber attack on bsd
Hi,
I suffered several attacks on a BSD 7.1. I'm on IPv6 and I've deactivated the sshd daemon. Apparently my hardware firewall is circumvented. How can I set up my firewall on my OpenBSD station? I must encrypt my hard drive because apparently the multiple partitions are penetrated. So I reset my BSD, which had suffered some damage, especially on the /home partition.
|
|||
Encryption of the hard drive will not help you with "cyber attacks". Only if your system is stolen or physically accessed would it be useful.
See OpenBSD pf for the firewall help. Sorry, but I have to wonder why you are posting "cyber attacks" all over the place (I just noticed that). I think at this point you should consider using Google or DuckDuckGo or some search engine to see if you can figure out what you are seeing.
__________________
[t]csh(1) - "An elegant shell, for a more... civilized age." - Paraphrasing Star Wars (tvtropes.org) |
|
|||
In addition to jmccue's comment above:
Take a look at OpenBSD's Pf for configuration help and operational info. In the past I have provisioned Pf to "block" all IP addresses that were not in the country I was located in. If your system does not need to be exposed to the internet in its entirety then it would be one of my first steps. This may be accomplished by creating a table to hold all the IP addresses that your country contains, at least up until the creation of that table. In that way you can configure Pf to accept all traffic that comes from your country but not others. It makes the table smaller, although Pf handles that configuration without any noticeable speed loss. This of course assumes that your system does need to "face the public on the internet, i.e. static IP"... This will reduce the amount of probing traffic to your system right off the bat.

I always configure the SSHD daemon with another port other than 22, although this just slows attackers in the process of determining which ports your system is exposed to that face the internet. This is not an end-all in itself. Security is an in-depth process. SSHD is too valuable of an asset to disable, at least in my opinion. (Or you can disable it until needed.)

Take a look at software that you might have installed that could open your system to the internet in an unprotected manner, or software that might not be in OpenBSD's packages, or possibly a package in the collection, since the developers cannot vet all in the manner that the OS is. Is your system available to others? Do you have misbehaving users? Do you monitor and/or restrict their usage? Does your system face the internet? i.e. Are you running a server or simply browsing and emailing from a desktop or laptop? Review your logs!!!! Many answers lurk there!!! Did you configure or use a software package that might behave in a manner that looks like an attack?

You may also review your IP traffic in real time or historically with your system or add-on software from the package repository... Have you installed and/or configured and used a virus scanner? R U running a mail server? etc. I ran several internet-facing servers for years without an incident running OpenBSD httpd, and also simply configured laptops and/or desktops without an intruder problem. Most if not all of my issues were operator inflicted, i.e. me....

Last edited by frcc; 29th May 2022 at 01:02 PM. Reason: clarify and expand
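A pf.conf sketch of the approach described in the post above (default deny, a table of your own country's address blocks, sshd on a non-default port), added here as an example and not part of any poster's message. The table file path `/etc/pf.country.zone` and port 2222 are assumptions; the ICMPv6 rule is included because the original poster is on IPv6, which stops working if neighbor discovery is blocked.

```conf
# /etc/pf.conf -- added example, not from the thread.
# Assumptions (hypothetical): /etc/pf.country.zone lists one CIDR block per
# line (IPv4 and IPv6) for the home country; sshd listens on port 2222.

ssh_port = "2222"

# "persist" keeps a table even when no rule references it.
# The file is read each time the ruleset is loaded.
table <home_cc> persist file "/etc/pf.country.zone"
table <bruteforce> persist

set skip on lo            # do not filter loopback traffic
set block-policy drop     # drop silently instead of answering probes

# Default deny. "log" sends a copy of each blocked packet to pflog0,
# which is where the "review your logs" advice starts for the firewall.
block log all

# Sources that tripped the rate limit below are cut off first.
block in quick from <bruteforce>

# Traffic this machine starts itself; replies are allowed by state.
pass out on egress

# IPv6 depends on neighbor discovery and router advertisements.
pass in on egress inet6 proto icmp6 \
    icmp6-type { neighbrsol, neighbradv, routeradv, echoreq }

# SSH only from the country table, with connection-rate limits.
# A source exceeding them is added to <bruteforce> and its states flushed.
pass in on egress proto tcp from <home_cc> to (egress) port $ssh_port \
    keep state (max-src-conn 5, max-src-conn-rate 3/30, \
    overload <bruteforce> flush global)
```

Check the syntax with `pfctl -nf /etc/pf.conf` before loading it with `pfctl -f /etc/pf.conf`, and watch blocked packets with `tcpdump -n -e -ttt -i pflog0`. `pfctl -t home_cc -T show` lists what the table actually contains.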
|
|||
post / thread solved
|
|
|||
Would you share with us what the resolution was? It might help others experiencing what you have, and it might help them.
|
|
|||
Yes, of course. I will wait a little to see if my solution is the right one!
If I'm not a hacker I'll gladly give you the solution. Wait a little bit!
|
|||
Apparently I was able to counter cyber attacks on an OpenBSD 7.1 with an AMD processor architecture; it is a rather old personal computer.
Solution: It takes two hard drives of the same size; for my part I mounted old SATA hard drives. Since the BIOS enables RAID 0, start installing OpenBSD, which itself will install its boot file on the second hard drive. OpenBSD is intelligent. So when the hacker tries to access the file systems, he will fall on the master boot record of the first hard drive, which is like an output hatch. When you start the station you should see >> hd0+ hd1+*. I hope you succeeded... Sincerely,

Last edited by philo_neo71; 2nd June 2022 at 11:36 AM.