Is someone bruteforcing my password? sshd: unknown [net] and sshd: [accepted] flashing in htop

Solution 1:

Check your /var/log/auth.log

Install fail2ban and autoban ssh bruteforcers. You can edit /etc/fail2ban/jail.conf:

[ssh]

enabled = true
port    = 22
filter  = sshd
logpath  = /var/log/auth.log
bantime = -1
maxretry = 5

Solution 2:

Check your /var/log/auth.log you should see a high number of failed attempts if someone is trying to attack you. It's commonly known as Internet Background noise.

You can install a a host based intrusion detection system like OSSEC and enable the active response to temporarily block offending IP addresses.

Is someone bruteforcing my password? sshd: unknown [net] and sshd: [accepted] flashing in htop

Solution 1:

Solution 2:

Tags:

Ssh

Vps

Related

Recent Posts