fail2ban: block ssh bruteforce attacks

fail2ban A while ago, I was checking servers’ logs to see any suspicious activities going on from outside. I noticed that the servers both staging/testing and production servers are receiving a lot of brute force SSH attacks from variety of countries which are shown in table below. List of IP Addresses ( who are doing SSH Brute Forcing ) ** Information on the table gathered from: [ https://www.maxmind.com/en/geoip-demo ] Ban failed attempts Although servers have no password login, they are kept brute forcing on SSH port....

February 24, 2021 · 3 min · mrturkmen