A brute force attack report, What should i do next for protect my server?

[RAGOpoR]

A brute force attack has been detected in one of your service logs.

IP 202.29.33.246 has 25 failed login attempts: sshd4=7&sshd5=18
User root has 21 failed login attempts: sshd5=21

Check the 'Admin Level -> Brute Force Monitor' for more information

according to that message what should i do next to prevent that attacker ?

 

[Acceleratic]

You don't have to do anything. All those brute forces was there when the monitor wasn't installed also... mostly they check on invalid usernames.

When they keep hammering you can ban the ip in your firewall. Then wait for the next with a hammer.

 

[RAGOpoR]

You don't have to do anything. All those brute forces was there when the monitor wasn't installed also... mostly they check on invalid usernames.

When they keep hammering you can ban the ip in your firewall. Then wait for the next with a hammer.

thank you for your information

 

[zEitEr]

what should i do next to prevent that attacker ?

Ban the IP

 

[LawsHosting]

Or, like us, if you do not offer clients SSH access, filter out every IP except your own to access port 22.

Note: This only works if you have a static IP though.

For other ports, just ban them when you get an alert. China is our top enemy at the moment.