138
PSA: Test Your Server SSH Access
(lemmy.ml)
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Beginning of January 1st 2024 this rule WILL be enforced. Posts that are not tagged will be warned and if not fixed within 24h then removed!
This is good advice in general. Think of it like penetration testing. You really should verify what you can actually access remotely on a device and not assume you have any level of protection until you’ve tried it.
Log files can also contain signs of attack like password guessing. You should review these on a regular basis.