VPS + SSH bruteforce attacks

Out of nowhere I had a sudden urge to know “how many people have tried to brute force my VPS?”. The thing about these brute force attacks is that they are all automated and you can’t really filter out “manual” attacks.

I’m surprised that, even though I’m some random person in the internet with no background I’m a target.

33k+ lines of denied access were found in my /var/log/auth.log, that’s sort of scary in a way. I want to find a way to ban (through IP) these attacks.

What to do?

If you got curious and took a peek at your log files. First of all? Change to SSH publickey authentication (more information). Using SSH public key authentication can prevent a lot of headaches due to weak passwords or passwords falling into the wrong hands.

Attacks won’t stop, that’s for sure. So why not take some time and at least protect your personal VPS.

Categorized as Linux

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.