install fail2ban

fail2ban is a Python script that help you to protected against brute force

Install : apt-get install fail2ban

some config … before all you should create a copy from fail2ban config file
cd /etc/fail2ban
cp -r jail.conf jail.local
now we can change the jail.local

for sending email set destemail as your email .
change action to action = %(action_mwl)s
add below code at the end of file

[ssh]
enabled = true
port = ssh,some_port
filter = sshd
logpath = /var/log/auth.log
maxretry = 2
bantime = 10m

After that restart fail2ban service
service fail2ban stop
service fail2ban start

now you should check the inbox or span folder for an email from fail2ban.also, you can check the banned ip by
fail2ban-client status sshd
for more detail you can check this article

Leave a Reply

Your email address will not be published. Required fields are marked *

28 ÷ 7 =