Proxmox host became unreachable after aggressive port scan

O

openaspace

Active Member
Sep 16, 2019
486
13
38
Italy
Hi.
I have setup my host hypervisor to answer only from my static ip address.
Today , performing an aggressive port and vulnerability scan from different ip with a vpn using zenmap , the proxmox host control pannell give me time-out error from my white listed IP.

What I can do to avoid this?
 
hi,

do you have fail2ban set up? maybe you got yourself banned

or if you're not hosting your server yourself, your hoster could have some protection in place
 
do a fail2ban-client status proxmox and see if your IP is in there
 
hi, the problem was : ifupdown2 ....
the host was reacheable from ssh .. vm was online.. but the proxmox was off

after uninstalling it and rebooting the host, it's all ok
 
glad your issue is solved. but what makes me wonder is, was it just a coincidence or did you actually trigger this with the nmap scan somehow?
 
Hi.
I can't test why this happened.
It's a single host and I can't try to reproduce the error.
After the aggressive port scan (3 contemporary scan from 3 different networks) I have realized that the vmbr0 was unreachable though ssh was answering from public network.

Sometimes on first ssh connection, the connection was refused or in time out.

Reboot command was non working, qm commands not working...

I have powered off each vm connecting directly from each vm, and performed and hard reset on the host. After reboot the vmbr0 was till not responding, therefore uninstalled ifupdown2 and rebooted the host and all works correctly now.
 
You must log in or register to reply here.
Top Bottom