@sureiam said: Also on this note people should remember to turn off VNC access after setting up their server. Little extra protection goes a long way.
As a host I can confirm this is excellent advice, I can confirm common VNC port ranges are scanned multiple times daily.
Those that sign up with "change" or "passwords" or "zaq12wsx" or "qazwsx" etc etc the usual ones in the quick 100 list of any basic dictionary attack are usually the ones that get compromised, they change their root password straight away and don't think to change their VNC password or disable VNC.
I thank @WSS for actually suggesting this to be disabled by default. Most people don't even use it. And if needed, could be enabled with 3 clicks.
@seriesn said: I thank @WSS for actually suggesting this to be disabled by default. Most people don't even use it. And if needed, could be enabled with 3 clicks.
Yep, that's a good option if your control panel/automation supports it.
@sureiam said: Also on this note people should remember to turn off VNC access after setting up their server. Little extra protection -goes a long way.
As a host I can confirm this is excellent advice, I can confirm common VNC port ranges are scanned multiple times daily.
Those that sign up with "change" or "passwords" or "zaq12wsx" or "qazwsx" etc etc the usual ones in the quick 100 list of any basic dictionary attack are usually the ones that get compromised, they change their root password straight away and don't think to change their VNC password or disable VNC.
I thank @WSS for actually suggesting this to be disabled by default. Most people don't even use it. And if needed, could be enabled with 3 clicks.
Basics:
Use random password generator for sign up and save that somewhere
Sign into portals/panel(s) and change the passwords.
Use custom iso if possible to upload the distro of choice or mount the provided distro as CD then use vnc and do a fresh "net" install of the distro. set root passwords to something not provided to provider and setup new user with sudo rights
Login to new distro and setup firewall, then in ssh change default ssh port, disable root login, setup fail2ban for ssh.
Disable vnc access via panel.
The above alone will give a lot of protection for really basic stuff. I would note my concern isn't the provider though but someone gaining access to the providers saved info. If the biggest companies in the world can have leaks access everyone else can too. Of course them getting access to the VM file or otherwise is bad but at least make yourself a bit harder to gain access to.
Comments
I thank @WSS for actually suggesting this to be disabled by default. Most people don't even use it. And if needed, could be enabled with 3 clicks.
Nexus Bytes Ryzen Powered NVMe VPS | NYC|Miami|LA|London|Netherlands| Singapore|Tokyo
Storage VPS | LiteSpeed Powered Web Hosting + SSH access | Switcher Special |
Yep, that's a good option if your control panel/automation supports it.
https://inceptionhosting.com
Please do not use the PM system here for Inception Hosting support issues.
Basics:
The above alone will give a lot of protection for really basic stuff. I would note my concern isn't the provider though but someone gaining access to the providers saved info. If the biggest companies in the world can have leaks access everyone else can too. Of course them getting access to the VM file or otherwise is bad but at least make yourself a bit harder to gain access to.