0

I configured my server to block all ports except 22,80 and 443 with UFW. I then created a fail2ban rule to put in jail every IP that scan ports unsuccessfully more than 5 times and report it to AbuseIP.

After some adjustments it's working well so far, except that I noticed my port 27015 is reported a lot of times with IPs that I seem to be the only one to report, for example: https://www.abuseipdb.com/check/72.76.108.239

What do you think might lead to this? I suspect the previous owner of the server used it for some steam game servers, but I can't be sure.

Climbatize
  • 101
  • 2

1 Answers1

2

Welcome to the Internet.

You've got search engine indexers crawling the web, you've got bad actors looking for targets, and you have curious people "trying stuff".

Anything you present to the Internet will get hit, so you'd better keep it secure.

Mikael H
  • 5,031
  • 2
  • 9
  • 18
  • yeah, well, as you can see on my abuse ip db account I already reported half a million of IPs so I pretty know the dangers of the world wide web ^^ But I'm really curious why this port particularly by several ISP around the world – Climbatize Aug 24 '21 at 13:06