A host from china try to ssh into my VM continuously
I've banned him and the attacker's IP address is: 122.225.103.103.
Log In to Comment
2 Answers
Welcome to the wild wild west version 2.0.
You're bound to have all sorts of attackers that spoof their IP address. You may want to look at fail2ban to deal with attempted breakins. Also, look into key only ssh login instead of password authenticated logins.
Fail2ban is a daemon that can be used to monitor the logs of services and ban clients that repeatedly fail authentication checks. It is a great tool to help protect against brute force attacks and malicious users. In this guide, we'll discuss how fail2ban works and how you can leverage its configuration structure to modify or extend its functionality.
Have another answer? Share your knowledge.