ufw should keep the rule permanent.

There's a program/service that will keep track of this for you automatically (and do the limit brute force, and block multiple failed attempts) called sshguard. If you use that, you can see how many unique IPs attempted to break into your system by reading your /etc/hosts.deny file.

For my public-facing servers, I get about 13 unique new attackers per day.

On Wed, Feb 4, 2015 at 2:32 PM, Michael Havens <bmike1@gmail.com> wrote:

I was wondering.... I was playing bandit and on level 13 they say some suggested reading is https://help.ubuntu.com/community/SSH/OpenSSH/Keys . I was reasing that page and followed a link to https://help.ubuntu.com/community/SSH/OpenSSH/Configuring#Logging because I always wondered how I could see how many log in attempts were made to my computer (not that I think anyone will crack my password which is greater than ten characters. Wait a second.... I do not think I ever set an ssh password. ...
guys, my websearch has proven to be fruitless. what do you suggest I do?

in any case, I was looking at the settings for openssh.config (or whatever the file is called) and happened upon:

Rate-limit the connections

which happens to use ufw:

sudo ufw limit ssh

I was wondering if that command would turn it on permanently? After I entered the command it responded with something like 'new rule added' so I am assuming (I am not an ass!) that is so.

I was wondering what should be changed?
I am making loglevel Verbose
:-)~MIKE~(-:

---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss

Todd Millecam