As if running oracle on linux wasn't bad enough in itself...
Would router-blocking the IP addresses provide some protection?
Not really. IP addresses are really easy to change. And doubtless the threat actors will see that their IPs have been identified and will roll them over soon. The solution is to go after the tactics the attackers are using:
The attack chains exploit known security vulnerabilities and misconfigurations, such as weak credentials, to obtain an initial foothold and execute arbitrary code on susceptible instances.
- Install your updates. If you have a server open to the internet and you haven't patched known exploited vulnerabilities, you deserve to have your network ransomed.
- Many products have either vendor provided or useful third party security configuration guides. While there are situations where business processes prevent some configuration changes, these guides should be followed when possible. And weak passwords should not be on that list.
EDIT: for Oracle Web Logic, you do a lot worse that going through the DoD STIG for it.
Cybersecurity
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We're all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub
Notable mention to !cybersecuritymemes@lemmy.world