With four Debian servers, each available over both IPv4 and IPv6, login attempts come from many sources. Gabriel Koen, in response to my backups post, asked what I do to monitor logins.
Currently, I use four tools to deal with login monitoring, equally split between proactive and reactive solutions. I don’t believe that any of these are Debian-specific, but I have no relevant experience with other distributions.
Continue reading Four techniques for monitoring server logins