3 day of action Ubuntu Server 14:)
grep sshd.*Did /var/log/auth.log | tail -50
Feb 14 09:41:35 mantykora sshd[3797]: Did not receive identification string from 88.249.106.23
Feb 14 10:17:18 mantykora sshd[4027]: Did not receive identification string from 94.102.48.193
Feb 15 01:41:04 mantykora sshd[17267]: Did not receive identification string from 79.71.81.207
Feb 15 02:31:55 mantykora sshd[17321]: Did not receive identification string from 113.108.21.16
Feb 15 09:07:58 mantykora sshd[19183]: Did not receive identification string from 58.49.91.194
Feb 15 15:54:03 mantykora sshd[3128]: Did not receive identification string from 62.210.24.250
Feb 15 19:12:11 mantykora sshd[3723]: Did not receive identification string from 117.253.221.81
Feb 16 10:08:41 mantykora sshd[4953]: Did not receive identification string from 122.241.63.225
Feb 17 02:01:40 mantykora sshd[5839]: Did not receive identification string from 198.251.79.208
I'm trying to protect using sudo ufw limit OpenSSH 3 attempts at one day, but I do not know how to do it. How to do it?
/etc/hosts.allow– Rajesh Rajendran Feb 18 '16 at 09:37sudo ufw allow from 15.15.15.0/24 to any port 22this is correct? – Mantykora 7 Feb 18 '16 at 09:43ufw limit OpenSSH? Can I limit the number of connections ? – Mantykora 7 Feb 18 '16 at 10:05rule 12 limit rate 2/secondI do not know if this is possible in ubuntu – Mantykora 7 Feb 18 '16 at 11:30fail2ban: see How to harden an ssh server . IIRCmaxretryis set to 3 by default, so you probably don't even need to configure it. – steeldriver Feb 18 '16 at 13:23