Brute force attack on server

i have Ubuntu server provided by cloud service during fifteen days i have received many brute force attack on my server to overcome this matter i have installed ClamAV & RootKitHunter antivirus software and blocked attacker server IP Address in firewall If someone better solution than my kindly help me..

1 Reply

stevewi 2 years, 3 months ago

Brute force attacks are a fact of life when you use a Linode. They start sometimes within seconds of spinning up a new Linode. Blocking a single attacker's IP address in your firewall manually is a fool's errand. It'll just be quickly replaced by another and the attack will resume.

I would:

close all ports that are not needed for your application in your firewall;
eliminate the use of passwords in ssh -- set up authentication using a certificate (see: https://kb.iu.edu/d/aews ); and
set up fail2ban with appropriate intervals and filters (see: https://linuxhandbook.com/fail2ban-basic/ ).

-- sw

Reply

Description

Please enter an answer

Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Compute

Storage

Networking

Databases

Services

Developer Tools

Industries

Pricing

Community

Engage With Us

Brute force attack on server

1 Reply

Reply

Tips: