A host from china try to ssh into my VM continuously

Posted January 5, 2015 3.4k views

I’ve banned him and the attacker’s IP address is:

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
2 answers

Welcome to the wild wild west version 2.0.

You’re bound to have all sorts of attackers that spoof their IP address. You may want to look at fail2ban to deal with attempted breakins. Also, look into key only ssh login instead of password authenticated logins.

by Justin Ellingwood
Fail2ban is a daemon that can be used to monitor the logs of services and ban clients that repeatedly fail authentication checks. It is a great tool to help protect against brute force attacks and malicious users. In this guide, we'll discuss how fail2ban works and how you can leverage its configuration structure to modify or extend its functionality.

fail2ban solves all (oh, and server passwords are sin, use keyfiles c:)