Protect your SSH server against brute-force attacks
Intro
- SSH can be used to access to your files remotely, it even allow you to use/manage a computer remotely. But how to protect yourself against brute-force attacks ?
- (Test all combinations of letters to find the password).
- It's simple:
-
sudo aptitude install fail2ban
- If someone makes 6 failed attempts to connect on the ssh server, its IP address will be banned for 10 minutes.
- It is sufficient to obviate such an attack.
- To see the actions of the program, do:
-
sudo cat /var/log/fail2ban.log
Advanced use of Fail2ban
- Fail2ban can be configured to do many other things.
- In principle, it monitors the log files of your choice, and then triggers actions.
- In the case of ssh, it monitors /var/log/auth.log and execute command iptables to ban IP addresses.
- Open the file /etc/fail2ban/jail.conf
- It already contains the lines to block attacks on the ftp server (vsftpd, wuftpd, proftpd ...), postfix, apache ...
You can start by replacing enabled=false to enabled=true.
Related
- Protect your SSH server against brute-force attacks
- Brute force android pin - Guide
- How to force format write protected usb - Guide
- Xvideoservicethief 2019 linux ddos attack free download for windows 7 - Forum - Facebook
- Xvideoservicethief 2019 linux ddos attack free download for windows 7 video youtube ✓ - Forum - Android
- I want download a 4 chanal video mixer software - Forum - Downloading
This document, titled « Protect your SSH server against brute-force attacks », is available under the Creative Commons license. Any copy, reuse, or modification of the content should be sufficiently credited to CCM (ccm.net).