Automatically capture VPN on Root.

**STAUFFi** · 15th January 2014, 21:31

2-5 People dos my server all times and other want hack my system (
Jan 15 04:29:21 root sshd[------]: Failed password for root from 88.150.230.42 port 36453 ssh2
Jan 15 04:29:21 root sshd[------]: Connection closed by 88.150.230.42 [preauth])

How can i ban
Automatic VPNs?
i dont want write all times iptables iptables -A INPUT -s 88.150.230.42 -j DROP.
Greets stauffi

**YuriJurek** · 15th January 2014, 22:24

You can not detect who's behind a VPN so you can not automatically ban an VPN.

As for the above problem, advise: do some research on google, look up more info on fail2ban, it's quite good.

Just for the impatient:

PHP Code:


sudo apt-get install fail2ban

// Edit

As well you can use ssh authentication which is waaay much more secure then a normal login/password method of connecting to your server as a root.

**Mitch** · 16th January 2014, 12:03

Does your ssh still run on the default port? (22) (if yes, try changing it in the config)

**thOuMta** · 20th January 2014, 21:05

For that make a firewall:

PHP Code:


vi /etc/init.d/firewall

PHP Code:


iptables -I INPUT -s 88.150.230.42 -j DROP

PHP Code:


chmod +x /etc/init.d/firewall

PHP Code:


/etc/init.d/firewall

**STAUFFi** · 23rd January 2014, 17:56

i changed the SSH Port
I hope its help.
thx Yuri,Mitch & thoumta

Greets

Thread: Automatically capture VPN on Root.

Thread Tools

Search Thread

Display

Automatically capture VPN on Root.

The Following 2 Users Say Thank You to YuriJurek For This Useful Post:

The Following User Says Thank You to Mitch For This Useful Post:

The Following User Says Thank You to thOuMta For This Useful Post:

The Following User Says Thank You to STAUFFi For This Useful Post:

Posting Permissions