Projects
SSH Auth Failure Log Analyzer
Built a lightweight security monitoring tool to analyze real SSH authentication failures on a Linux system using Windows Subsystem for Linux (WSL).
What I Did
- Parsed SSH authentication logs from /var/log/auth.log
- Wrote a Python script to detect failed SSH attempts and pre-authentication disconnects
- Grouped failures by source IP address and targeted username
- Identified patterns consistent with brute-force attacks
- Generated a readable summary report for quick review
Validation & Testing
- Generated controlled failed SSH login attempts using invalid usernames
- Verified failures appeared in system authentication logs
- Confirmed the analyzer correctly counted and categorized events
- Re-ran analysis after additional attempts to ensure results updated dynamically
- Validated regex matching against multiple SSH failure message formats
Tools
Python • Ubuntu Linux (WSL) • OpenSSH • Linux authentication logs
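A sketch of the parsing and grouping steps listed above, run over constructed log lines. This is an added example, not the script from this project; the names SSHD_LINE, PATTERNS and analyze and the threshold of 3 failures per IP are assumptions.

```python
import re
from collections import Counter

# Constructed sample lines in OpenSSH's auth.log format (documentation-range IPs).
SAMPLE_LOG = """\
Jan 12 10:01:02 host sshd[1201]: Failed password for invalid user admin from 203.0.113.5 port 51234 ssh2
Jan 12 10:01:04 host sshd[1201]: Connection closed by invalid user admin 203.0.113.5 port 51234 [preauth]
Jan 12 10:01:09 host sshd[1207]: Failed password for root from 203.0.113.5 port 51240 ssh2
Jan 12 10:01:15 host sshd[1211]: Failed password for invalid user test from 203.0.113.5 port 51252 ssh2
Jan 12 10:02:30 host sshd[1230]: Invalid user oracle from 198.51.100.7 port 40022
Jan 12 10:02:31 host sshd[1230]: Disconnected from invalid user oracle 198.51.100.7 port 40022 [preauth]
Jan 12 10:03:00 host sshd[1244]: Connection closed by 198.51.100.7 port 40030 [preauth]
Jan 12 10:04:00 host sshd[1250]: Accepted publickey for alice from 192.0.2.10 port 50000 ssh2: ED25519 SHA256:constructed
Jan 12 10:05:00 host CRON[1300]: pam_unix(cron:session): session opened for user root
"""

# Only sshd's own messages are parsed (newer OpenSSH logs as sshd-session).
SSHD_LINE = re.compile(r"sshd(?:-session)?\[\d+\]: (?P<msg>.*)$")
PATTERNS = [  # tried in order; first match wins
    ("failed_auth", re.compile(r"Failed \S+ for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+")),
    ("failed_auth", re.compile(r"Invalid user (?P<user>\S+) from (?P<ip>\S+)")),
    ("preauth_disconnect", re.compile(
        r"(?:Connection closed by|Disconnected from) "
        r"(?:(?:invalid|authenticating) user (?P<user>\S+) )?(?P<ip>\S+) port \d+ \[preauth\]")),
]

def analyze(lines, threshold=3):
    """Return (events, per_ip, suspects); threshold is an assumed cut-off."""
    events = Counter()   # (category, ip, user) -> count
    per_ip = Counter()   # ip -> number of failed_auth events
    for line in lines:
        m = SSHD_LINE.search(line)
        if not m:
            continue
        for category, pattern in PATTERNS:
            hit = pattern.match(m.group("msg"))
            if hit:
                ip, user = hit.group("ip"), hit.group("user") or "-"
                events[(category, ip, user)] += 1
                if category == "failed_auth":
                    per_ip[ip] += 1
                break
    suspects = sorted(ip for ip, n in per_ip.items() if n >= threshold)
    return events, per_ip, suspects

if __name__ == "__main__":
    events, per_ip, suspects = analyze(SAMPLE_LOG.splitlines())
    for (category, ip, user), n in sorted(events.items()):
        print(f"{category:<20} {ip:<16} {user:<10} {n}")
    print("Possible brute-force sources:", ", ".join(suspects) or "none")
```

One login attempt can produce both a failure line and a pre-authentication disconnect, so the two categories are counted separately and only failed_auth events feed the per-IP threshold.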
__________
SSH Hardening
Hardened SSH on an Ubuntu server to improve security while keeping remote access reliable.
What I Did
- Moved SSH to a non-standard port (2222)
- Disabled password-based logins and prevented direct root access
- Limited SSH to modern, secure cryptographic algorithms
- Fixed SSH file permissions (.ssh and authorized_keys)
- Set up persistent firewall rules using iptables-persistent
Validation & Testing
- Checked the active SSH configuration with sshd -T
- Verified which ports SSH was listening on using ss
ss - Used verbose SSH output to troubleshoot connection issues
- Learned and accounted for NAT loopback limitations when testing from the same machine
- Confirmed external access by testing from a separate network
Tools
OpenSSH • Ubuntu Linux • iptables / netfilter-persistent • systemd • ssh-audit