List a rough overview for automated ssh login attacks

Posted on 14.10.17   bruteforce Linux SSH Ubuntu

We all love to read log files, and for Linux I tend to simplify that search process if I know what I’m looking for. As you probably know many daemons and programs  logs to /var/log , but usually I don’t care to specify the file (like syslog or mysql.err etc) so I just do cat on all the files in the log dir.

So here’s a quick gem to list automated ssh attacks to your server:

$ sudo cat /var/log/* | grep BREAK-IN

Output:

More on ITDB

Oracle Universal Installer - Successfully completed with errors


NiceHash hacked?


Change Resize Mode for all VMs in RoyalTS 4


Get Linux distribution information from terminal


Finding the source for locked AD account from Event Viewer log on Domain controller




Leave a Reply

Your email address will not be published. Required fields are marked *