Fail2ban
From wikinotes
Fail2ban is another ip-banning mechanism to protect ssh.
It scans logs for attackers using regex, then bans them with firewall rules.
Generally, configure fail2ban by checking /etc/fail2ban/jail.conf
for filters/options,
and defining them in /etc/fail2ban/jail.local
.
WARNING:
fail2ban's documentation is a full major release behind, and it's instructions don't entirely match the program.
Documentation
official docs https://www.fail2ban.org/wiki/index.php/MANUAL_0_8 arch wiki https://wiki.archlinux.org/index.php/Fail2ban
Tutorials
fail2ban 0.8/9 tutorial https://www.the-art-of-web.com/system/fail2ban-filters/
Notes
fail2ban install fail2ban usage fail2ban configuration