Discussion:
[tor-relays] ssh request from Virgin Media (Liberty Global)
Cristiano Kubiaki Gomes
2021-04-05 15:34:03 UTC
I have a Relay and a Bridge up and running with ssh password disabled, ssh
port changed and fail2ban installed.

With that I noticed that one particular IP was trying to ssh into both of my
machines, and that IP belongs to Liberty Global, an Anglo-Dutch-American
telecommunication company which is the owner of Virgin Media, UPS and
Vodafone.

I was wondering, why is this company trying to ssh my Tor machines?

Has anyone else noticed this?

I am afraid to share the company IP here because they could be here on this
list and they could use one IP to target on specific subject and if I
disclose that IP they could find me out 😂

It’s just a FYI.

Stay safe.
--
Cristiano Kubiaki
Telegram <https://telegram.me/cris_kubiaki> | LinkedIn
<https://www.linkedin.com/in/cristianokubiaki/> | Twitter
<https://twitter.com/criskubiaki>
ITIL - MCP - MCDST - MCTS - DCSE
William Kane
2021-04-06 00:11:40 UTC
It might not belong to Liberty Global itself even though it was
registered as such but to one of their subsidiaries, likely Virgin
Media or Vodafone.

Random SSH probes happen very frequently, it's nothing to worry about
if you deny root login, force public key (Ed25519 if your version of
sshd supports it) authentication and make use of the AllowUsers config
variable.

Fail2Ban is useless bloatware in my opinion, you can do the same with
iptables natively.

- William
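The settings named in the reply above (deny root login, public key instead of password authentication, an AllowUsers list) can be checked against an sshd_config as sshd resolves it, where keywords are case-insensitive and the first value obtained for a keyword wins. This is an added example, not code from any poster in the thread; the sample configurations and the account name `relayadmin` are constructed, and it assumes only the global section matters (it stops at the first `Match` block and does not follow `Include` files).

```python
import re

# OpenSSH defaults that apply when a keyword is absent from the file.
DEFAULTS = {"permitrootlogin": "prohibit-password",
            "passwordauthentication": "yes",
            "pubkeyauthentication": "yes"}

def effective_settings(config_text):
    """Global-section values as sshd resolves them: keywords are
    case-insensitive and the first value obtained for a keyword wins."""
    first, allow_users = {}, []
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        if len(parts) < 2:
            continue
        key, value = parts[0].lower(), parts[1].strip()
        if key == "match":
            break  # simplification: conditional blocks are not evaluated
        if key == "allowusers":
            allow_users += value.split()  # the audit only asks whether any exist
        else:
            first.setdefault(key, value)
    settings = {k: first.get(k, d) for k, d in DEFAULTS.items()}
    settings["allowusers"] = allow_users
    return settings

def audit(config_text):
    """Map each keyword that misses the thread's advice to a short reason."""
    s, findings = effective_settings(config_text), {}
    if s["permitrootlogin"] != "no":
        findings["permitrootlogin"] = "root login not denied: " + s["permitrootlogin"]
    if s["passwordauthentication"] != "no":
        findings["passwordauthentication"] = "password logins still accepted"
    if s["pubkeyauthentication"] != "yes":
        findings["pubkeyauthentication"] = "public key authentication is off"
    if not s["allowusers"]:
        findings["allowusers"] = "no AllowUsers list, logins not limited to named accounts"
    return findings

# Constructed sample: "no" was appended below an earlier "yes", so "yes" still applies.
SAMPLE = """\
Port 2222
permitrootlogin no
PasswordAuthentication yes
PubkeyAuthentication yes
PasswordAuthentication no
"""
HARDENED = "PermitRootLogin no\nPasswordAuthentication no\nAllowUsers relayadmin\n"
```

On a live host, `sshd -T` prints the configuration the daemon actually resolved and is the authoritative check.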
g***@bulger.co.uk
2021-04-05 22:43:42 UTC
Surely it is one of their customers
..
k***@tuta.io
2021-05-27 19:44:48 UTC
Post by g***@bulger.co.uk
I have a Relay and a Bridge up and running with ssh password disabled, ssh port changed and fail2ban installed.
With that I noticed that one particular IP was trying to ssh into both of my machines, and that IP belongs to Liberty Global, an Anglo-Dutch-American telecommunication company which is the owner of Virgin Media, UPS and Vodafone.
I was wondering, why is this company trying to ssh my Tor machines?
It could be an exposed router on their network someone is using to probe you. Just ban like you're currently doing, restrict to specific IP, and/or change your SSH port is about all you can do. SSH scanning bots out there are as numerous as plankton it seems. XD