Login Attempts: Is this usual?

Q:\ Is this usual? <br>A:\ It is usual and common on servers facing the internet. These internet facing servers are being scanned for open ports by malicious users everyday all day. <br> <br>Q:\ Am I supposed to be concerned? <br>A:\ Yes, you should be concerned as your server might get compromised. <br> <br>Tip: You can check the Failed login attempts with: <br> sudo cat /var/log/secure | grep Failed <br> <br>

<b>“Is this usual?”</b> <br> <br>Unfortunately, yes (simply Wikipedia DDoS attacks and Brute Force Attacks). <br> <br><b>"Am I supposed to be concerned?</b> <br> <br>If you care about the data on your cloud server… yes. <br> <br>Ditto on using SSH keys <b>and</b> disabling password logins. If connecting from a Windows machine, check out <a href=“https://www.digitalocean.com/community/articles/how-to-create-ssh-keys-with-putty-to-connect-to-a-vps”>How To Create SSH Keys with PuTTY to Connect to a VPS</a>. <br> <br>A firewall will also come in handy: <a href=“https://www.digitalocean.com/community/articles/how-to-setup-a-firewall-with-ufw-on-an-ubuntu-and-debian-cloud-server”>How to Setup a Firewall with UFW on an Ubuntu and Debian Cloud Server</a>.

I recommend installing fail2ban (see joshuataylorx’s link above) and using SSH keys while disabling password authentication: <a href=“https://www.digitalocean.com/community/articles/how-to-set-up-ssh-keys--2”>https://www.digitalocean.com/community/articles/how-to-set-up-ssh-keys--2</a>

Change the SSH port, try fail2ban: <br>https://www.digitalocean.com/community/articles/how-to-protect-ssh-with-fail2ban-on-ubuntu-12-04