...
The default settigs of fail2ban are usually good enough but you can also customize fail2ban to suit your needs.
After a day or so on the Internet you should start seeing people getting banned in the logs, /var/log/fail2ban.log. Here is an example of an ip getting banned and then after 10 minutes it unbans,
...
Tip |
---|
This section can be improved with a linked article on how to customize fail2ban to ignore specific ip addresses and subnets. |
Deny Hosts
Another package that should be installed to prevent distributed brute force ssh attacks is Deny Hosts.
...