firewall after 24-48 hours blocking SSH bots
Noticed a few bots attempting to get into root on my test server, installed fail2ban set minimum ban time to 2 years and the result has surprised even me.
Chain fail2ban-SSH (1 references) target prot opt source destination REJECT all -- 182.100.67.112 anywhere reject-with icmp-port-unreachable REJECT all -- 212-129-8-87.ggsmarket.net anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.168 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.148 anywhere reject-with icmp-port-unreachable REJECT all -- 58.218.213.254 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.140 anywhere reject-with icmp-port-unreachable REJECT all -- 182.100.67.102 anywhere reject-with icmp-port-unreachable REJECT all -- 218.87.111.117 anywhere reject-with icmp-port-unreachable REJECT all -- 58.218.204.241 anywhere reject-with icmp-port-unreachable REJECT all -- 59.63.192.198 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.90 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.120 anywhere reject-with icmp-port-unreachable REJECT all -- 221.229.166.30 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.187 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.146 anywhere reject-with icmp-port-unreachable REJECT all -- 222.186.21.240 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.165 anywhere reject-with icmp-port-unreachable REJECT all -- 221.229.166.240 anywhere reject-with icmp-port-unreachable REJECT all -- 58.218.211.166 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.131 anywhere reject-with icmp-port-unreachable REJECT all -- 117.21.174.111 anywhere reject-with icmp-port-unreachable REJECT all -- 60.173.26.8 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.153 anywhere reject-with icmp-port-unreachable REJECT all -- 58.218.199.195 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.142 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.123 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.116 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.149 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.191.147 anywhere reject-with icmp-port-unreachable REJECT all -- 221.229.166.29 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.152 anywhere reject-with icmp-port-unreachable REJECT all -- 182.100.67.113 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.191 anywhere reject-with icmp-port-unreachable REJECT all -- 58.218.199.49 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.161 anywhere reject-with icmp-port-unreachable REJECT all -- 182.100.67.114 anywhere reject-with icmp-port-unreachable REJECT all -- 58.218.213.212 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.92 anywhere reject-with icmp-port-unreachable REJECT all -- 218.16.129.142 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.189 anywhere reject-with icmp-port-unreachable REJECT all -- 58.135.83.115 anywhere reject-with icmp-port-unreachable REJECT all -- 93.174.93.45 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.183 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.147 anywhere reject-with icmp-port-unreachable REJECT all -- 222.186.21.209 anywhere reject-with icmp-port-unreachable REJECT all -- 218.87.111.108 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.118 anywhere reject-with icmp-port-unreachable REJECT all -- 176.120.203.235 anywhere reject-with icmp-port-unreachable REJECT all -- 187-49-199-157.outcenter.com.br anywhere reject-with icmp-port-unreachable REJECT all -- 109.63.16.12 anywhere reject-with icmp-port-unreachable REJECT all -- 109.63.100.13 anywhere reject-with icmp-port-unreachable REJECT all -- 212.76.143.7 anywhere reject-with icmp-port-unreachable REJECT all -- 109.63.112.136 anywhere reject-with icmp-port-unreachable REJECT all -- 134.255.162.88 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.121 anywhere reject-with icmp-port-unreachable REJECT all -- 61.143.236.193 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.133 anywhere reject-with icmp-port-unreachable REJECT all -- 58.218.211.190 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.145 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.159 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.169 anywhere reject-with icmp-port-unreachable REJECT all -- 61.160.222.76 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.93 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.115 anywhere reject-with icmp-port-unreachable REJECT all -- 221.229.160.237 anywhere reject-with icmp-port-unreachable REJECT all -- 109.161.216.192 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.154 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.138 anywhere reject-with icmp-port-unreachable REJECT all -- 222.186.21.217 anywhere reject-with icmp-port-unreachable REJECT all -- 109.63.57.117 anywhere reject-with icmp-port-unreachable REJECT all -- 109.63.102.111 anywhere reject-with icmp-port-unreachable REJECT all -- 109.63.60.194 anywhere reject-with icmp-port-unreachable REJECT all -- mx.vertical.ru anywhere reject-with icmp-port-unreachable REJECT all -- 187.111.53.86 anywhere reject-with icmp-port-unreachable REJECT all -- 134.255.160.154 anywhere reject-with icmp-port-unreachable REJECT all -- 109.63.98.71 anywhere reject-with icmp-port-unreachable REJECT all -- 187.84.178.56 anywhere reject-with icmp-port-unreachable REJECT all -- 94.97.44.63 anywhere reject-with icmp-port-unreachable REJECT all -- 109.161.250.46 anywhere reject-with icmp-port-unreachable REJECT all -- 195.208.163.250 anywhere reject-with icmp-port-unreachable REJECT all -- 185.11.226.231 anywhere reject-with icmp-port-unreachable REJECT all -- 92-223-223-162.ip275.fastwebnet.it anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.144 anywhere reject-with icmp-port-unreachable REJECT all -- 58.218.201.22 anywhere reject-with icmp-port-unreachable REJECT all -- 177.223.103.9 anywhere reject-with icmp-port-unreachable REJECT all -- 159.20.216.123 anywhere reject-with icmp-port-unreachable REJECT all -- host134-73-static.15-188-b.business.telecomitalia.it anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.162 anywhere reject-with icmp-port-unreachable REJECT all -- 221.229.166.28 anywhere reject-with icmp-port-unreachable REJECT all -- 221.203.3.117 anywhere reject-with icmp-port-unreachable REJECT all -- 222.186.21.251 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.150 anywhere reject-with icmp-port-unreachable REJECT all -- 58.218.213.230 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.156 anywhere reject-with icmp-port-unreachable REJECT all -- 221.229.160.222 anywhere reject-with icmp-port-unreachable REJECT all -- 179.189.82.5 anywhere reject-with icmp-port-unreachable REJECT all -- 5.133.62.70 anywhere reject-with icmp-port-unreachable REJECT all -- 81.195.177.138 anywhere reject-with icmp-port-unreachable REJECT all -- 221.229.166.254 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.125 anywhere reject-with icmp-port-unreachable REJECT all -- 221.229.166.98 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.160 anywhere reject-with icmp-port-unreachable REJECT all -- 187-51-139-5.customer.tdatabrasil.net.br anywhere reject-with icmp-port-unreachable REJECT all -- 61.160.215.103 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.126 anywhere reject-with icmp-port-unreachable REJECT all -- 92.155-73-188.telenet.ru anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.185 anywhere reject-with icmp-port-unreachable REJECT all -- 221.229.166.27 anywhere reject-with icmp-port-unreachable REJECT all -- 109.63.89.90 anywhere reject-with icmp-port-unreachable REJECT all -- 109.63.11.210 anywhere reject-with icmp-port-unreachable REJECT all -- ip-176-192-111-91.bb.netbynet.ru anywhere reject-with icmp-port-unreachable REJECT all -- 109.63.97.165 anywhere reject-with icmp-port-unreachable REJECT all -- Serrana--186-219-133-22.srt.net.br anywhere reject-with icmp-port-unreachable REJECT all -- 147.4.161.222.adsl-pool.jlccptt.net.cn anywhere reject-with icmp-port-unreachable REJECT all -- 109.161.198.72 anywhere reject-with icmp-port-unreachable REJECT all -- 109.161.246.66 anywhere reject-with icmp-port-unreachable REJECT all -- 134.255.172.92 anywhere reject-with icmp-port-unreachable REJECT all -- 109.63.52.231 anywhere reject-with icmp-port-unreachable REJECT all -- 62-76-40-216.clodo.ru anywhere reject-with icmp-port-unreachable REJECT all -- 178.132.32.9 anywhere reject-with icmp-port-unreachable REJECT all -- 109.63.31.167 anywhere reject-with icmp-port-unreachable REJECT all -- 109.161.200.101 anywhere reject-with icmp-port-unreachable REJECT all -- 222.186.51.228 anywhere reject-with icmp-port-unreachable REJECT all -- 109.161.228.73 anywhere reject-with icmp-port-unreachable REJECT all -- 93.174.135.241 anywhere reject-with icmp-port-unreachable REJECT all -- 109.63.73.255 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.190 anywhere reject-with icmp-port-unreachable REJECT all -- 109.63.113.93 anywhere reject-with icmp-port-unreachable REJECT all -- 109.63.102.40 anywhere reject-with icmp-port-unreachable REJECT all -- broadband-37-110-134-54.nationalcablenetworks.ru anywhere reject-with icmp-port-unreachable REJECT all -- 91-228-230-228.in-linetelecom.ru anywhere reject-with icmp-port-unreachable REJECT all -- 109.161.138.59 anywhere reject-with icmp-port-unreachable REJECT all -- 109.63.28.197 anywhere reject-with icmp-port-unreachable REJECT all -- bb15c8e6.virtua.com.br anywhere reject-with icmp-port-unreachable REJECT all -- 84.16.157.69 anywhere reject-with icmp-port-unreachable REJECT all -- 109.63.111.69 anywhere reject-with icmp-port-unreachable REJECT all -- 221.229.166.16 anywhere reject-with icmp-port-unreachable REJECT all -- 109.236.24.147 anywhere reject-with icmp-port-unreachable REJECT all -- 109.63.88.254 anywhere reject-with icmp-port-unreachable REJECT all -- 109.63.120.60 anywhere reject-with icmp-port-unreachable REJECT all -- 187.54.115.194 anywhere reject-with icmp-port-unreachable REJECT all -- 13.104.109.187.dynamic.ampernet.com.br anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.141 anywhere reject-with icmp-port-unreachable REJECT all -- 200.179.231.121 anywhere reject-with icmp-port-unreachable REJECT all -- 109.161.154.50 anywhere reject-with icmp-port-unreachable REJECT all -- 109.161.192.236 anywhere reject-with icmp-port-unreachable REJECT all -- 58.218.204.226 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.143 anywhere reject-with icmp-port-unreachable REJECT all -- 222.186.58.131 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.182 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.166 anywhere reject-with icmp-port-unreachable REJECT all -- 195-154-56-58.ggsmarket.net anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.151 anywhere reject-with icmp-port-unreachable REJECT all -- 61.160.213.190 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.117 anywhere reject-with icmp-port-unreachable REJECT all -- 218.87.111.109 anywhere reject-with icmp-port-unreachable REJECT all -- 61.160.212.27 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.124 anywhere reject-with icmp-port-unreachable REJECT all -- 43.255.190.175 anywhere reject-with icmp-port-unreachable