Today, when I was checking the logs on my server, I noticed that someone was trying to hack it by quessing usernames and passwords. The command cat /var/log/auth.log Returned something like this: Invalid user danica from (attacker ip) input_userauth_request: invalid user danica [preauth] pam_unix(sshd:auth): check pass; user unknown pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=(attacker ip) Failed password for invalid user danica from (attacker ip) port 20135 ssh2 Received disconnect from (attacker ip): 11: Bye Bye [preauth] reverse mapping checking getaddrinfo for (attacker host) [(attacker ip)] failed - POSSIBLE BREAK-IN ATTEMPT! Invalid user daniela from (attacker ip) input_userauth_request: invalid user daniela [preauth] pam_unix(sshd:auth): check pass; user unknown pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=(attacker ip) Failed password for invalid user daniela from (attacker ip) port 120