I require keys for ssh, any invalid password attempt gets banned after 1
try.
On 6/2/2019 8:05 AM, Kenneth Porter wrote:
I've noticed that almost all the ssh attacks on my hosts are against
usernames not remotely similar to legitimate users on my machine.
They're mostly service names or the names of admin logins for routers.
Is there some way to look for just those attempts, perhaps based on a
list of commonly-attacked usernames, and instantly ban them without
waiting for retries? The logic I'd need is something that matches the
username against a list, perhaps loaded from a file.
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
