For anyone using LogWatch and is worried about sshd Authentication Failures then you need to understand that there are thousands of robots and scripts that will scan random IPs for easy login access to servers. This is nothing to worry about.
Logwatch Authentication Failures
unknown (220.127.116.11): 251 Time(s)
Unknown Account: 499 Time(s)
All you need to do is block the IP that’s scanning your system. You can
do this automatically by following my tutorial on Preventing Brute Force
Changing your SSH port number will sometimes help for scanners that are
not targetted but anyone can still do a port scan and run the bot on the
different port. Blocking them with your firewall is be best method.
Once BFD and APF are setup you dont’ need to worry about LogWatch
Authentication Failures anymore.
WebHostGear.com is a hosting directory, not a web host.
Copyright © 1998-2015 WebHostGear.com