The State of VPS Security in 2024
Published on: October 20, 2024
In the process of making this blog I decided I was going to use VPS hosting, thinking it would be
a better option than self-hosting on my own homelab equipment. (I'm a Network Admin for an MSP)
So, in my nievity of the scope of scraping bots, I spun up my linux VPS and began initial
configurations, like some hardening and package downloads for management.
I decided I wanted to check out the auth.log(s) just to take a peek and see if anyone was
trying to poke at my machine. What I was greeted with kind of freaked me out...
Post Picture
This scared me enough to nuke my linux server from orbit and start fresh, knowing that there were
gaping holes in my configuration and because of my poor documentation(trying to fix this) I wasn't
sure exactly where I left off and where those holes would be.
It's a much better idea to begin a project and have a causal link of steps taken to ensure that
whatever thing you're working on is put together correctly, leading to safer and more enjoyable
outcomes. If you fly wild, without a stuctured plan, you're much more likely to make mistakes
or forget important steps. In this context, that means things like RCE's and RAT's and general
assholery from the tsunami of security risks on the internet. Which is what this article is
really about.
Include more paragraphs, images, or links related to this specific blog post.