![]() And lo and behold, the attacks stopped almost completely. After getting one Fail2Ban warning after another, I decided to also move my SSH server to another port. There are many articles ( this is one of them) on the web which describe how you can harden your SSH server, like preventing root logins, to give an example. ![]() It updates firewall rules to reject the IP address. ![]() To recap, Fail2Ban does this:įail2ban scans log files like /var/log/pwdfail or /var/log/apache/error_log and bans IP that makes too many password failures. While exploring Fail2Ban during one of my previous posts, it amazed me how many break-in attempts I received, trying to brute force passwords on the SSH daemon. Running A SSH Honeypot With Kippo: Let’s Catch Some Script Kiddies Introduction
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |