Brut Force Attemt Made on my Server

I got a Brut Force Attempt on my Server this morning.
The attacker IP was from Republic of Lithuania.
I have all the necessary logs.

Is there any way I can report it? If yes, to whom?

 

No its no point in reporting right now nothing actually happens if you complain to anyone

Try some kind of security where if some one uses wrong password 5 times or 3 times ip is banned temporary

 

do whois with ip address in *nix shell or use some web-gateway to whois and look who owned this IP. In the most cases it's some provider having some abuse email address and doesn't like such things to be happen.

 

You will get the abuse contact from IP whois but I don't think this will help anyway.

 

The abuse email people normally dont even reply

 

the best way is to make sure that another attack doesnt hurt your server. keep the protection high, and block all suspicious ips in the firewall. if the reporting thing worked properly, there would be no attackers left in the world.

 

You can try blocking the entire IP range. You should be able to grab the IP address from your logs somewhere.

 

how exactly to block ip range. i tried CIDR and couldnt understand it. Please can somebody help!

 

Do not be concerned this is very common and there is not much that be done to stop it.

However to keep yourself safe, have strong passwords on all of your accounts and if possible run ssh on a different port.

 

Try using software such as Fail2Ban.

Fail2Ban watches your log files and automatically bans IP addresses that have too many failed login attempts.

It will unban that IP after 5 minutes in case you have mistyped your password so ultimately this will just slow down the attacker rather than stopping them completely. A good password policy is vital to keep them out.