Need help in using Firewall

[sir_siegfrieds]

Hello,

i have problem with an intruder trying to connect my server in SSH mode as Root ( Sorry for my english i'm french ).

I have a lot of connection with a chinese Ip ...

https://www.abuseipdb.com/report?ip=112.85.42.194

And i would like to know how to securise my homeserver from those Attacks.

I see there is a Proxmox Node Firewall but i don't how it's works .
The same from Fail2Ban i have installed it, but i don't know what i have to do with it.

My server Crashed this weekend, and if i launch any VM i have so much errors ata3.00 statut {DRDY ERR }
And when i look in proxmod syslog, i can see a lot of trying to connect

I really Need helps

Thanks a lot


Edit:

I have those log in my syslog.

and i dont understand thoses errors,
i have tried
install smartmontools

but there is no errors in my disk it's an SSD

 

[wolfgang]

Hi,

Use fail2ban to secure your Server.
There are many tutorials about configuration Fail2Ban for SSH also in french.

About your disk, the syslog says you got an IO error with a media error.
I would say you have to replace it.

 

[sir_siegfrieds]

It's looks like a NUC this computer.
So i have only an SDD, Ram installed inside...

Should i have to do a clean installation, and try to install Fail2ban ?

Can I install Both : Fail2Ban and Pfsense ?

Are trying to said that my SSD ( Bought on January is dead ? )

 

[aljaxus]

1. Install fail2ban (proxmox wiki)
2. You have everything listed on the wiki page
3. You can just copy and paste without even the need of knowing what you are doing (though if this is the case, don't host public servers yet and learn on local networks or with small deployments - my 2 cents on this)
4. It will take you max 5minutes if you will just copy-paste stuff
5. You really can not mess this up
6. it will block access to requests from public IPs that have failed to authenticate 3 times in a row; the addresses will be banned for set amount of time
7. READ THE DOCS!

Kind regards, Aljaz S.

 

[sir_siegfrieds]

Yes i've found a tutorial,
and i will test this tomorrow.

For those errors, does that means my ssd is dead ? Have i to contact my customer service ?
Or can i just format it all and make a fresh install ? ( All my VM are backed up )

I have another question, how can i do a backup for save Datacenter 1 Proxmox node ?
Can't find any tutorial for this problem. I can only backup up and restore all VM.

Would like to try To restore all VM, in conteners for a test, but i don't know if it's better.

I have
Plexmediaserver
Jeedom ( log for domotisation )
and i want :
Pfsense
Pihole
Seedbox
Server FTP

I'm sorry about all this question, i'm learning it and i want to try all i can try

Thanks a lot for all your response and sorry for my real poor english

 

[wolfgang]

For those errors, does that means my ssd is dead ?

Hard to say.
please check smart values

smartctl -aH /dev/sda

I have another question, how can i do a backup for save Datacenter 1 Proxmox node ?

There is no server backup function.
You can only backup the Guests and save them somewhere else.
But the most important information are in the /etc/pve directory.

 

[sir_siegfrieds]

=== START OF INFORMATION SECTION ===
Device Model:     LITEON CV6-8Q128
Serial Number:    002746100CEE
LU WWN Device Id: 5 002303 1010613b2
Firmware Version: 2871301
User Capacity:    128,035,676,160 bytes [128 GB]
Sector Size:      512 bytes logical/physical
Rotation Rate:    Solid State Device
Form Factor:      M.2
Device is:        Not in smartctl database [for details use: -P showall]
ATA Version is:   ACS-2 (minor revision not indicated)
SATA Version is:  SATA 3.1, 6.0 Gb/s (current: 6.0 Gb/s)
Local Time is:    Wed Nov  6 13:47:28 2019 CET
SMART support is: Available - device has SMART capability.
SMART support is: Enabled

=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: PASSED

General SMART Values:
Offline data collection status:  (0x02) Offline data collection activity
                                        was completed without error.
                                        Auto Offline Data Collection: Disabled.
Self-test execution status:      (   0) The previous self-test routine completed
                                        without error or no self-test has ever 
                                        been run.
Total time to complete Offline 
data collection:                (    2) seconds.
Offline data collection
capabilities:                    (0x11) SMART execute Offline immediate.
                                        No Auto Offline data collection support.
                                        Suspend Offline collection upon new
                                        command.
                                        No Offline surface scan supported.
                                        Self-test supported.
                                        No Conveyance Self-test supported.
                                        No Selective Self-test supported.
SMART capabilities:            (0x0003) Saves SMART data before entering
                                        power-saving mode.
                                        Supports SMART auto save timer.
Error logging capability:        (0x01) Error logging supported.
                                        General Purpose Logging supported.
Short self-test routine 
recommended polling time:        (   1) minutes.
Extended self-test routine
recommended polling time:        (  10) minutes.
SCT capabilities:              (0x003d) SCT Status supported.
                                        SCT Error Recovery Control supported.
                                        SCT Feature Control supported.
                                        SCT Data Table supported.

SMART Attributes Data Structure revision number: 1
Vendor Specific SMART Attributes with Thresholds:
ID# ATTRIBUTE_NAME          FLAG     VALUE WORST THRESH TYPE      UPDATED  WHEN_FAILED RAW_VALUE
  1 Raw_Read_Error_Rate     0x002f   100   100   000    Pre-fail  Always       -       0
  5 Reallocated_Sector_Ct   0x0003   100   100   000    Pre-fail  Always       -       0
  9 Power_On_Hours          0x0002   100   100   000    Old_age   Always       -       2377
 12 Power_Cycle_Count       0x0003   100   100   000    Pre-fail  Always       -       41
170 Unknown_Attribute       0x0032   100   100   000    Old_age   Always       -       55
171 Unknown_Attribute       0x0003   100   100   000    Pre-fail  Always       -       0
172 Unknown_Attribute       0x0003   100   100   000    Pre-fail  Always       -       0
173 Unknown_Attribute       0x0003   100   100   000    Pre-fail  Always       -       13
174 Unknown_Attribute       0x0003   100   100   000    Pre-fail  Always       -       25
175 Program_Fail_Count_Chip 0x0003   100   100   000    Pre-fail  Always       -       0
176 Erase_Fail_Count_Chip   0x0003   100   100   000    Pre-fail  Always       -       0
178 Used_Rsvd_Blk_Cnt_Chip  0x0003   100   100   000    Pre-fail  Always       -       55
179 Used_Rsvd_Blk_Cnt_Tot   0x0003   100   100   000    Pre-fail  Always       -       55
180 Unused_Rsvd_Blk_Cnt_Tot 0x0033   100   100   005    Pre-fail  Always       -       0
181 Program_Fail_Cnt_Total  0x0003   100   100   000    Pre-fail  Always       -       0
182 Erase_Fail_Count_Total  0x0003   100   100   000    Pre-fail  Always       -       0
183 Runtime_Bad_Block       0x0032   100   100   000    Old_age   Always       -       2
195 Hardware_ECC_Recovered  0x0003   100   100   000    Pre-fail  Always       -       0
199 UDMA_CRC_Error_Count    0x0003   100   100   000    Pre-fail  Always       -       0
232 Available_Reservd_Space 0x0003   100   100   010    Pre-fail  Always       -       0
233 Media_Wearout_Indicator 0x0003   100   100   000    Pre-fail  Always       -       56271
241 Total_LBAs_Written      0x0003   100   100   000    Pre-fail  Always       -       36745
242 Total_LBAs_Read         0x0003   100   100   000    Pre-fail  Always       -       33716

SMART Error Log Version: 1
Warning: ATA error count 0 inconsistent with error log pointer 1

ATA Error Count: 0
        CR = Command Register [HEX]
        FR = Features Register [HEX]
        SC = Sector Count Register [HEX]
        SN = Sector Number Register [HEX]
        CL = Cylinder Low Register [HEX]
        CH = Cylinder High Register [HEX]
        DH = Device/Head Register [HEX]
        DC = Device Command Register [HEX]
        ER = Error register [HEX]
        ST = Status register [HEX]
Powered_Up_Time is measured from power on, and printed as
DDd+hh:mm:SS.sss where DD=days, hh=hours, mm=minutes,
SS=sec, and sss=millisec. It "wraps" after 49.710 days.

Error 0 occurred at disk power-on lifetime: 0 hours (0 days + 0 hours)
  When the command that caused the error occurred, the device was in an unknown state.

  After command completion occurred, registers were:
  ER ST SC SN CL CH DH
  -- -- -- -- -- -- --
  00 ec 00 00 00 00 00  Device Fault

  Commands leading to the command that caused the error were:
  CR FR SC SN CL CH DH DC   Powered_Up_Time  Command/Feature_Name
  -- -- -- -- -- -- -- --  ----------------  --------------------
  c8 00 00 00 00 00 00 00      00:00:00.000  READ DMA

SMART Self-test log structure revision number 1
Num  Test_Description    Status                  Remaining  LifeTime(hours)  LBA_of_first_error
# 1  Short offline       Completed without error       00%        73         -

Selective Self-tests/Logging not supported

It's ok for server backup fonction, it's not possible to add one on him ?
Or make a save like a "ghost", or "cloning" ?

Thanks a lot