15-02-2013, 14:53
Ignore them. SSH is incredibly easy to lock down. You won't see any trash in the log files after you've changed the config.

PermitRootLogin no
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys
PasswordAuthentication no
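
Added example (not part of the original post or thread): a small Python check that reads sshd_config text and reports where the effective settings differ from the ones listed above. It relies on sshd using the first value it obtains for a keyword, does not follow Include directives, and its function names and sample config are constructed for illustration.

```python
import re

# Values taken from the post above; keywords are case-insensitive in sshd_config.
WANTED = {"permitrootlogin": "no", "pubkeyauthentication": "yes",
          "passwordauthentication": "no"}

def parse(text):
    """Return (global_settings, match_overrides) with first-value-wins semantics."""
    global_settings, overrides, match = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = parts[0].lower()
        value = parts[1].strip().strip('"') if len(parts) > 1 else ""
        if key == "match":
            match = value  # everything after this line is conditional
        elif match is None:
            global_settings.setdefault(key, value)  # later duplicates are ignored
        else:
            overrides.append((match, key, value))
    return global_settings, overrides

def audit(text):
    """Return a list of findings; an empty list means the config matches WANTED."""
    settings, overrides = parse(text)
    findings = []
    for key, want in WANTED.items():
        got = settings.get(key)
        if got is None:
            findings.append(f"{key}: not set, sshd default applies")
        elif got.lower() != want:
            findings.append(f"{key}: effective value is {got!r}, want {want!r}")
    for match, key, value in overrides:
        if key in WANTED and value.lower() != WANTED[key]:
            findings.append(f"{key}: Match {match} overrides to {value!r}")
    return findings

# Constructed sample: the duplicate line and the Match block both defeat the intent.
SAMPLE = """\
PermitRootLogin no
PasswordAuthentication yes
PasswordAuthentication no
PubkeyAuthentication yes
Match Address 10.0.0.0/8
    PermitRootLogin yes
"""

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

On a live host, `sshd -T` prints the effective configuration as sshd itself computes it.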

15-02-2013, 04:01
Send an abuse notice to their uplink provider(s).

15-02-2013, 01:09
I sent a few abuse complaints (smtp/pop3 hits), but 3 weeks later, still hitting us... All I do now is 'drop' the IPs.... Ofc, abuse departments must get thousands a day and can't respond personally, but still, after 3 weeks, you'd think you should see some action, right?

14-02-2013, 16:22
Quick question,

I've got a few IPs constantly hitting SSH on one of my servers. I've fired off the fail2ban logs to the provider (not OVH), but nothing appears to be getting done.

Just wondering what others do in that situation?

Also, I think someone posted a script that automatically fired off abuse notices from fail2ban to the abuse address listed in the whois of an address. Anyone remember who posted it or where it was? I'm sure it was here, but I could be wrong.