Friday, March 19, 2010

Block IP Addresses On Linux Server

 

I hope by now all of you have heard about firewalls. In Linux we generally use iptables to control traffic according to our requirements.

From Wikipedia: iptables is a user space application program that allows a system administrator to configure the tables provided by the Linux kernel firewall (implemented as different Netfilter modules) and the chains and rules it stores.

Iptables requires elevated privileges to operate and must be executed by user root, otherwise it fails to function.

Now let us go to our scenario:

Take a look at your log file (/var/log/secure on Red Hat/Fedora) and you will discover numerous automated SSH hacking attempts using dictionary attacks. So now you have identified the offending addresses. How do you stop them?

Here comes the magic mantra which uses iptables (packet) firewall:

iptables -A INPUT -s a.b.c.d -j DROP

Replace a.b.c.d with the offending IP address. Repeat this for each of the offending IP addresses.
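The two steps above (find the offending addresses in the log, then write one DROP rule per address) can be scripted. The following is an added example, not part of the original post: the function names, the threshold and the sample log lines are assumptions made for illustration, and the script only prints the iptables commands so they can be reviewed before being run as root.

```shell
#!/bin/sh
# Constructed sample lines in the sshd format written to /var/log/secure.
sample_log() {
cat <<'EOF'
Mar 19 10:01:02 host sshd[1201]: Failed password for invalid user admin from 203.0.113.5 port 4242 ssh2
Mar 19 10:01:04 host sshd[1201]: Failed password for invalid user test from 203.0.113.5 port 4243 ssh2
Mar 19 10:01:07 host sshd[1202]: Failed password for root from 203.0.113.5 port 4250 ssh2
Mar 19 10:02:11 host sshd[1210]: Failed password for alice from 192.0.2.10 port 5000 ssh2
Mar 19 10:02:15 host sshd[1210]: Accepted password for alice from 192.0.2.10 port 5000 ssh2
Mar 19 10:03:00 host sshd[1220]: Failed password for root from 198.51.100.7 port 6000 ssh2
Mar 19 10:03:02 host sshd[1221]: Failed password for root from 198.51.100.7 port 6001 ssh2
Mar 19 10:03:05 host sshd[1222]: Failed password for invalid user admin from 192.0.2.10 from 198.51.100.7 port 6002 ssh2
EOF
}

# offenders THRESHOLD < logfile
# Prints each source address with at least THRESHOLD failed password logins.
# The user name is chosen by the client and may itself contain "from <ip>"
# (last sample line), so the address is taken by position from the END of
# the line ("from IP port N ssh2"), never from the first "from" found.
offenders() {
    awk -v min="$1" '
        /sshd\[[0-9]+\]: Failed password for / &&
        $(NF-4) == "from" && $(NF-2) == "port" &&
        $(NF-3) ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { n[$(NF-3)]++ }
        END { for (ip in n) if (n[ip] >= min) print ip }
    ' | sort
}

# block_commands THRESHOLD < logfile
# Prints (does not execute) the rule from the post for each offender.
# -A appends to INPUT: a DROP placed after an earlier ACCEPT that already
# matches the same traffic never takes effect, so check the rule order.
block_commands() {
    offenders "$1" | while read -r ip; do
        echo "iptables -A INPUT -s $ip -j DROP"
    done
}

# Dry run on the constructed sample; on a real host use:
#   block_commands 3 < /var/log/secure
sample_log | block_commands 3
```

On the sample, 192.0.2.10 is not listed: it has a single failure of its own, and the address embedded in the user name of the last line is ignored.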

 
Things You Should Know About Linux !!!