OpenSSH Brute-Force Protection - How to stop brute-force attacks on SSH protocol on Windows.
RdpGuard
Intrusion prevention system for your Windows Server
 
Follow:
Twitter
Telegram
Facebook
RSS

OpenSSH Brute-Force Protection

OpenSSH is the open-source implementation of the Secure Shell (SSH) protocol. It is based on the client-server architecture and provides secure and convenient way of connection to Linux and other Unix-like systems over the network.

OpenSSH was included to Windows and available as an optional system component in all Windows systems starting from Windows 10 and Windows Server 2019. You may also install it on older Windows editions from the official repository.

SSH on port 22 is probably the most common remote access protocol over the world and it makes it goal #1 for hackers. The new server with SSH port exposed to the world is discovered within a seconds and being subject of the brute-force attack immediately.

Here is how the Security event log looks after a couple of hours:

OpenSSH Brute-Force Attempts

OpenSSH Brute-Force Attempts on Windows Server 2019

You may discover thousands of 4525 events with:

  • Failure Reason: - Unknown user name or bad password
  • Caller Process Name: - C:\Windows\System32\OpenSSH\sshd.exe

And this is how the OpenSSH Operational log looks like:

OpenSSH Operational log

SSH Brute-Force Attempts recorded in the OpenSSH Operational log

The OpenSSH Operational log may also contain thousands of events with the reason like below:

sshd: Failed password for invalid user <User Name> from <IP Address> port <Port> ssh2

These events mean brute-force attack on your server via SSH protocol.

RdpGuard offers effective brute-force protection for OpenSSH server allowing you immediately stop brute-force attacks on your server via SSH protocol.

For Windows Vista/7/8/8.1/10/11 and Windows Server 2008/2012/2016/2019/2022

To Enable OpenSSH Protection

1. Start RdpGuard Dashboard and click the link next to OpenSSH

openssh protection link

Click the OpenSSH link

2. RdpGuard service will be restarted.

OpenSSH protection status will be changed to Enabled.

openssh protection enabled

OpenSSH Protection Enabled

RdpGuard 9.9.9 Free Trial

RdpGuard protects:

Social Connection
RdpGuard Logo
 
People like RdpGuard!
Our customers say

"This sotware is really great. It's a relief. Because my server is constantly under attack. Thanks RdpGuard" - Joaquim De Sousa Marques

"Nice product. I used to implement something similiar in a low-tech and cumbersome manner via a script called TSBlock (not mine). This makes it much easier and is well worth the pricetag for SMB's." - J. Johnson

"Absolutely amazed at your product. We are a church in the North Dallas area, and I discovered this morning multiple failed logon attempts via our Remote Access Server. A friend suggested your product, so I immediately downloaded the trial. It had a list of about five blocked IP addresses in minutes, and that was enough to lead me to push the BUY button. Over the past 10-15 minutes the list is now about thirty with at least a third being international attempts to break into our system. Thanks for a great product. You may have just saved us much grief." - John Hallford

"Love the software. RDP on our Windows servers is just ridiculous. We would block it in the router but we have lots of old-time customers that would have issues." - Scott Hirsch

"Love the software! Makes it easier than tailoring VB Scripts!!" - Nick Brennan

"It's a great product - really stopping those RDP attackers :-)" - Dave, UK

"First of all: Your application is very (!!!) useful and I like it very much securing my 2012 R2 server. RdpGuard is the best solution, I found on the market and after 10 minutes of testing it I ordered the fully-featured version. :-)" - Carsten Baltes

Our Other Products
TntDrive
Easily mount Amazon S3 Bucket as a Windows Drive
S3 Browser
Powerful Windows Client for Amazon S3 and Amazon CloudFront
Copyright © 2012-2025 NetSDK Software. All rights reserved.  Terms of Use.  Privacy Policy.