Since I have been playing with Dockerexternal link for the past few weeksexternal link I have had more servers on-line. I don’t have a static IP address at home so while I have a jump host setup I found I was still being port scanned and brute forced.

I only caught a sniff of it in the logs while looking at another problem, even though password authentication is disabled and I only use keys I decided install Fail2Banexternal link to start blocking people, just in-case. As I use Puppetexternal link I installed a module and enabled it. Since then I have been flooded with emails !!!

Across both of the machines I am currently running it has been triggered over 150 times in the last 48 hours, and thats just SSH. Considering that this machine is nothing than a test server I would hate to be actually running anything of worth.