🔐 Tracking Unauthorized SSH Attempts with a Bash Script

Securing a Linux server isn’t just about firewalls — it’s about knowing who’s trying to break in. I wrote a lightweight Bash script called badssh.sh to track SSH intrusion attempts on port 22.

🧰 What It Does:

• Scans UFW logs for blocked IPs

• Displays the last 10 unique blocked IPs

• Shows the timestamp, location, and network hops

• Counts total blocked attempts for the day

⚙️ Setup:

• Requires ufw, geoiplookup, and traceroute

• Enable UFW logging with sudo ufw logging on

• Run manually or schedule with cron: 0 9 * * * /path/to/badssh.sh >> /var/log/ssh-monitor.log

🔗 GitHub: mikecozier/Bad-SSH-Attempts