sshd Authentication Failures LogWatch Published: Apr 07, 2006
  • Rating


For anyone using LogWatch and is worried about sshd Authentication Failures then you need to understand that there are thousands of robots and scripts that will scan random IPs for easy login access to servers. This is nothing to worry about.

Logwatch Authentication Failures

Authentication Failures:
unknown ( 251 Time(s)
Invalid Users:
Unknown Account: 499 Time(s)

All you need to do is block the IP that’s scanning your system. You can
do this automatically by following my tutorial on Preventing Brute Force

Changing your SSH port number will sometimes help for scanners that are
not targetted but anyone can still do a port scan and run the bot on the
different port. Blocking them with your firewall is be best method.

Once BFD and APF are setup you dont’ need to worry about LogWatch
Authentication Failures anymore.


  • Rating


Related Articles

Comments (0)

No one has commented on this page yet.

Add Your Thoughts is a hosting directory, not a web host.

Copyright © 1998-2018