Hi All,
I have a new set up and have been receiving Fail2Ban emails stating IP’s have been blocked after multiple log in attempts. This is good as its working - BUT - it seems the email notifications I am receiving are increasing and instead of 10 attempts then a ban some are reaching 250+ attempts form an IP then being banned - it seems my set up is receiving a good bit of snooping
So as I am new on this I am keen to know if such probing is sort if normal and I just need to ensure all security is as good as it can be, or have I missed something and am I perhaps unknowingly putting my system out there as a fun option to poke at?