Something tells me I need to update my security…
How many of you actually disable root and password based login, change the default SSH port, and setup fail2ban?
I just don’t put SSH on the internet at all.
Is fail2ban not enough?
There’s no reason to allow root login, it’s asking for trouble. Password based login is even worse. Changing the SSH port just makes it harder for the drive-by bots trying the whole IPv4 range
What are they?
Looks like scrot pngs from here
Is there a bit more context to this? This just shows a bunch of image file names.
Scrot is a screenshot tool in Linux that you can run from the command line, I think the implication is that OP didn’t do this on purpose so “may have been hacked”, or had something heavy fall on their “Prnt Scrn”.
What service has been attacked?