Keep it tight everyone! This is a day of sshd logs from a proxy server in China pinging my SSH server and trying every username imaginable. Does anyone have any tips to increase security?

This page summarizes the projects mentioned and recommended in the original post on /r/archlinux

  • endlessh

    SSH tarpit that slowly sends an endless banner

    But, as a prank to Chinese hackers, what I did on my system was to run endless ssh. It keeps the ssh client busy as it slowly sends the ssh banner. I modified the code to send strings like:

  • fail2ban-sshd-permaban

    Permabans an IP after X bans from fail2ban

    I was tired of having my logs be filled with it as well, so I just ended up coding a fail2ban extension that permabans an IP after fail2ban bans it more than a few times.

  • fail2ban-endlessh

    Combining the powers of endlessh and fail2ban.

    Use https://github.com/itskenny0/fail2ban-endlessh as a base in order to create action.d/endlessh.conf and jail.d/endlessh.conf in /etc/fail2ban.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.
