Return to Logsurfer

Logsurfer Example Configuration for SSH Attacks

The following rule demonstrates how Logsurfer+ can be used to detect brute force attacks against an SSH server. The rules can be adapted to detect similar attacks against other services.

Logsurfer+ v1.6 or higher is required for these rules.

Permanent link to this article: https://www.crypt.gen.nz/logsurfer/config_ssh_attacks/