Protect your SSH server against brute-force attacks

Latest update on April 17, 2013 at 08:33 AM by deri58 .

Intro
Advanced use of Fail2ban

Intro

SSH can be used to access to your files remotely, it even allow you to use/manage a computer remotely. But how to protect yourself against brute-force attacks ?
(Test all combinations of letters to find the password).
It's simple:
```
sudo aptitude install fail2ban 
```
If someone makes 6 failed attempts to connect on the ssh server, its IP address will be banned for 10 minutes.
It is sufficient to obviate such an attack.
To see the actions of the program, do:
```
sudo cat /var/log/fail2ban.log
```

Advanced use of Fail2ban

Fail2ban can be configured to do many other things.
In principle, it monitors the log files of your choice, and then triggers actions.
In the case of ssh, it monitors /var/log/auth.log and execute command iptables to ban IP addresses.
Open the file /etc/fail2ban/jail.conf
It already contains the lines to block attacks on the ftp server (vsftpd, wuftpd, proftpd ...), postfix, apache ...

You can start by replacing enabled=false to enabled=true.

Protect your SSH server against brute-force attacks
Installing a SSH server on Ubuntu - How-To - Ubuntu
Brute force format usb drive ✓ - Forum - Mobile
How to force format a usb drive write protected - Forum - Pen Drive/USB Key/SD Card
Web server attacks - Articles
Protect your Counter-Strike Source Server- The Anti-Cheats - How-To - Counter Strike

This document, titled « Protect your SSH server against brute-force attacks », is available under the Creative Commons license. Any copy, reuse, or modification of the content should be sufficiently credited to CCM (ccm.net).

GIMP-Add watermarks on your Digital Arts

Ubuntu - Unable to run applications