-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathindex.html
More file actions
346 lines (329 loc) · 21.2 KB
/
index.html
File metadata and controls
346 lines (329 loc) · 21.2 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
<!DOCTYPE html>
<html lang="en">
<head>
<link rel="preconnect" href="https://forwardemail.net">
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>SSH Monitoring | Real-time Security Alerts & Activity Tracking</title>
<meta name="description" content="Secure your servers with comprehensive SSH monitoring. Get real-time alerts for unauthorized access attempts, track user activity, and enhance your security posture.">
<meta name="keywords" content="SSH monitoring, SSH security monitoring, SSH access monitoring, SSH activity monitoring, SSH connection monitoring, SSH login monitoring, SSH security alerts">
<link rel="stylesheet" href="css/styles.css">
<link rel="stylesheet" href="css/seo-optimization.css">
<link rel="stylesheet" href="css/resources.css">
<link rel="stylesheet" href="css/citations-compact.css">
<link rel="stylesheet" href="css/enhanced-navigation.css">
<link rel="stylesheet" href="css/light-mode.css">
<link rel="stylesheet" href="css/light-mode-optimization.css">
<link rel="stylesheet" href="css/global-contrast-fix.css">
<link rel="stylesheet" href="css/light-mode-contrast-fix.css">
<link rel="stylesheet" href="css/edit-link.css">
<link rel="stylesheet" href="css/hero-text-fix.css">
<link rel="stylesheet" href="css/mobile-menu.css">
<link rel="stylesheet" href="css/mobile-header-fix.css">
<link rel="stylesheet" href="css/button-contrast-fix.css">
<!-- Favicon -->
<link rel="icon" href="images/favicon.ico" type="image/x-icon">
<script src="js/seo-optimization.js" defer></script>
<script src="js/script.js" defer></script>
</head>
<body>
<header>
<div class="container">
<div class="header-content">
<div class="logo">
<h1>SSHMonitor</h1>
</div>
<nav>
<ul class="nav-links">
<li><a href="#features">Features</a></li>
<li><a href="#benefits">Benefits</a></li>
<li><a href="#implementation">Implementation</a></li>
<li><a href="#resources">Resources</a></li>
<li><a href="#citations">References</a></li>
<li><a href="https://forwardemail.net" class="btn-primary">Try Forward Email</a></li>
</ul>
</nav>
</div>
</div>
</header>
<section class="hero">
<div class="container">
<div class="hero-content">
<h1>Secure Your Servers with Real-time SSH Monitoring</h1>
<p>Detect unauthorized access attempts, track user activity, and receive instant alerts for suspicious behavior with our comprehensive SSH monitoring solution.</p>
<div class="cta-buttons">
<a href="#implementation" class="btn-primary">Get Started</a>
<a href="https://forwardemail.net" class="btn-secondary">Learn About Forward Email</a>
</div>
</div>
</div>
</section>
<section id="features" class="features">
<div class="container">
<h2>Comprehensive SSH Monitoring Features</h2>
<div class="features-grid">
<div class="feature-card">
<div class="feature-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="48" height="48" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
<path d="M12 22s8-4 8-10V5l-8-3-8 3v7c0 6 8 10 8 10z"></path>
</svg>
</div>
<h3>Real-time Intrusion Detection</h3>
<p>Monitor login attempts in real-time and receive immediate alerts for suspicious activities like brute force attacks or unauthorized access attempts.</p>
</div>
<div class="feature-card">
<div class="feature-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="48" height="48" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
<path d="M22 12h-4l-3 9L9 3l-3 9H2"></path>
</svg>
</div>
<h3>User Activity Tracking</h3>
<p>Track and log all SSH sessions, commands executed, and file transfers to maintain a complete audit trail of server activity.</p>
</div>
<div class="feature-card">
<div class="feature-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="48" height="48" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
<rect x="3" y="3" width="18" height="18" rx="2" ry="2"></rect>
<line x1="3" y1="9" x2="21" y2="9"></line>
<line x1="9" y1="21" x2="9" y2="9"></line>
</svg>
</div>
<h3>Customizable Alerting</h3>
<p>Configure alert thresholds and notification preferences to focus on the security events that matter most to your organization.</p>
</div>
<div class="feature-card">
<div class="feature-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="48" height="48" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
<circle cx="12" cy="12" r="10"></circle>
<line x1="12" y1="8" x2="12" y2="12"></line>
<line x1="12" y1="16" x2="12.01" y2="16"></line>
</svg>
</div>
<h3>Automated Response</h3>
<p>Set up automated responses to security incidents, such as blocking IP addresses after multiple failed login attempts.</p>
</div>
</div>
</div>
</section>
<section id="benefits" class="benefits">
<div class="container">
<h2>Why Monitor SSH Activity?</h2>
<div class="benefits-content">
<div class="benefits-text">
<h3>Prevent Unauthorized Access</h3>
<p>SSH is a primary target for attackers seeking server access. According to <a href="https://www.ssh.com/academy/ssh/security" target="_blank">SSH.com</a>, servers face hundreds to thousands of break-in attempts daily, with SSH being a common attack vector.</p>
<h3>Maintain Compliance</h3>
<p>Many regulatory frameworks like PCI DSS, SOC 2, and HIPAA require monitoring of privileged access. SSH monitoring helps meet these compliance requirements by providing detailed audit trails of all server access.</p>
<h3>Detect Insider Threats</h3>
<p>Not all threats come from outside your organization. According to the <a href="https://www.verizon.com/business/resources/reports/dbir/" target="_blank">Verizon Data Breach Investigations Report</a>, approximately 34% of data breaches involve internal actors.</p>
<h3>Reduce Mean Time to Resolution</h3>
<p>When security incidents occur, rapid detection and response are critical. SSH monitoring provides the visibility needed to quickly identify and address security issues.</p>
</div>
<div class="benefits-image">
<img src="images/ssh-benefits.jpg" alt="Forward Email service illustration">
</div>
</div>
</div>
</section>
<section id="implementation" class="implementation">
<div class="container">
<h2>Easy Implementation with Forward Email</h2>
<div class="implementation-content">
<h3>Ready-to-Use SSH Monitoring Script</h3>
<p>Below is a complete, production-ready Bash script for monitoring SSH login attempts and sending alerts via Forward Email. This script can be easily customized to fit your specific security requirements.</p>
<h3>Installation Instructions</h3>
<ol class="installation-steps">
<li>
<strong>Download the script:</strong> <a href="https://raw.githubusercontent.com/forwardemail/sshmonitor.com/refs/heads/main/ssh_monitor.sh" target="_blank">https://raw.githubusercontent.com/forwardemail/sshmonitor.com/refs/heads/main/ssh_monitor.sh</a>
</li>
<li>
<strong>Save the script to your server:</strong>
<div class="code-container">
<pre class="shiki-code" data-language="bash">sudo nano /usr/local/bin/ssh_monitor.sh</pre>
</div>
<p>Paste the script above and save the file.</p>
</li>
<li>
<strong>Make the script executable:</strong>
<div class="code-container">
<pre class="shiki-code" data-language="bash">sudo chmod +x /usr/local/bin/ssh_monitor.sh</pre>
</div>
</li>
<li>
<strong>Configure the script:</strong>
<p>Edit the configuration variables at the top of the script to match your environment:</p>
<ul>
<li>Set <code>EMAIL_TO</code> to your administrator email address</li>
<li>Set <code>EMAIL_FROM</code> to your alert sender address</li>
<li>Get an API key from <a href="https://forwardemail.net/my-account/security">Forward Email</a> and set <code>FORWARD_EMAIL_API_KEY</code></li>
</ul>
</li>
<li>
<strong>Set up a cron job to run the script periodically:</strong>
<pre><code>sudo crontab -e</code></pre>
<p>Add the following line to run the script every 10 minutes:</p>
<pre><code>*/10 * * * * /usr/local/bin/ssh_monitor.sh</code></pre>
</li>
<li>
<strong>Test the script:</strong>
<pre><code>sudo /usr/local/bin/ssh_monitor.sh</code></pre>
<p>Check the log file to verify it's working:</p>
<pre><code>tail /var/log/ssh_monitor.log</code></pre>
</li>
</ol>
</div>
</div>
</section>
<section id="resources" class="resources">
<div class="container">
<h2>SSH Monitoring Tools & Resources</h2>
<div class="resources-content">
<h3>Recommended Tools</h3>
<p>Below is a curated list of popular tools for SSH monitoring and security:</p>
<div class="tools-grid">
<div class="tool-card">
<h4>Fail2ban</h4>
<p>Ban hosts that cause multiple authentication errors.</p>
<a href="https://github.com/fail2ban/fail2ban" class="tool-link">GitHub Repository</a>
</div>
<div class="tool-card">
<h4>SSHGuard</h4>
<p>Protects hosts from brute-force attacks against SSH and other services.</p>
<a href="https://github.com/SSHGuard/sshguard" class="tool-link">GitHub Repository</a>
</div>
<div class="tool-card">
<h4>CrowdSec</h4>
<p>Behavior detection engine and collaborative IP reputation system.</p>
<a href="https://github.com/crowdsecurity/crowdsec" class="tool-link">GitHub Repository</a>
</div>
<div class="tool-card">
<h4>OSSEC</h4>
<p>Host-based Intrusion Detection System with SSH monitoring capabilities.</p>
<a href="https://github.com/ossec/ossec-hids" class="tool-link">GitHub Repository</a>
</div>
</div>
<h3>Additional Resources</h3>
<ul class="resources-list">
<li><a href="https://github.com/denyhosts/denyhosts">DenyHosts</a> - SSH server access control and monitoring</li>
<li><a href="https://github.com/logwatch/logwatch">Logwatch</a> - Customizable log analysis system</li>
<li><a href="https://bitbucket.org/tildeslash/monit/src/master/">Monit</a> - Utility for monitoring services on a Unix system</li>
</ul>
<div class="integration-note">
<h3>Integration with Forward Email</h3>
<p>All of these tools can be configured to send alerts through Forward Email's SMTP service or HTTP API. This provides:</p>
<ul>
<li>High deliverability for critical security notifications</li>
<li>Reliable email delivery for automated alerts</li>
<li>Simple integration with existing monitoring infrastructure</li>
<li>Cost-effective solution at only $3000/year fixed pricing</li>
</ul>
<p>For implementation examples, refer to the SSH monitoring script provided above.</p>
<a href="https://forwardemail.net" class="btn-primary">Learn More About Forward Email</a>
</div>
</div>
</div>
</section>
<section id="email-alerts" class="email-alerts">
<div class="container">
<h2>SSH Security Alert Notifications</h2>
<p>Receive immediate notifications when suspicious SSH activity is detected. Our system sends real-time alerts for login failures, unusual access patterns, and potential security breaches.</p>
<div class="alert-features">
<div class="alert-feature">
<h3>Real-time Monitoring</h3>
<p>Get instant notifications of suspicious SSH activity as it happens, not hours or days later.</p>
</div>
<div class="alert-feature">
<h3>Customizable Rules</h3>
<p>Define what constitutes suspicious activity based on your organization's security policies.</p>
</div>
<div class="alert-feature">
<h3>Detailed Reports</h3>
<p>Receive comprehensive information about each security event, including IP addresses, usernames, and timestamps.</p>
</div>
</div>
<!-- Demo button will be inserted here by JavaScript -->
</div>
</section>
<section id="citations" class="citations-compact">
<div class="container">
<h3>Citations & References</h3>
<ol>
<li id="citation-1">Fail2ban. (2025). <em>Fail2ban Documentation</em>. Retrieved April 6, 2025, from <a href="https://github.com/fail2ban/fail2ban" target="_blank">https://github.com/fail2ban/fail2ban</a></li>
<li id="citation-2">Forward Email. (2025). <em>API Documentation</em>. Retrieved April 6, 2025, from <a href="https://forwardemail.net/api" target="_blank">https://forwardemail.net/api</a></li>
<li id="citation-3">NIST. (2024). <em>Guide to SSH Implementation</em>. National Institute of Standards and Technology. Retrieved April 6, 2025.</li>
</ol>
</div>
</section>
<footer>
<div class="container">
<div class="footer-content">
<div class="footer-logo">
<h2>SSHMonitor</h2>
</div>
<div class="footer-grid">
<div class="footer-column">
<h3>Quick Links</h3>
<ul>
<li><a href="#features">Features</a></li>
<li><a href="#benefits">Benefits</a></li>
<li><a href="#implementation">Implementation</a></li>
<li><a href="#resources">Resources</a></li>
<li><a href="#citations">References</a></li>
</ul>
</div>
<div class="footer-column">
<h3>Resources</h3>
<ul>
<li><a href="https://github.com/fail2ban/fail2ban">Fail2ban</a></li>
<li><a href="https://github.com/SSHGuard/sshguard">SSHGuard</a></li>
<li><a href="https://github.com/crowdsecurity/crowdsec">CrowdSec</a></li>
<li><a href="https://github.com/ossec/ossec-hids">OSSEC</a></li>
</ul>
</div>
<div class="footer-column">
<h3>Forward Email</h3>
<ul>
<li><a href="https://forwardemail.net">Homepage</a></li>
<li><a href="https://forwardemail.net/pricing">Pricing</a></li>
<li><a href="https://forwardemail.net/faq">FAQ</a></li>
<li><a href="https://forwardemail.net/api">API Documentation</a></li>
</ul>
</div>
<div class="footer-column">
<h3>Contact</h3>
<p>For more information about SSH monitoring and email alerts, visit <a href="https://forwardemail.net">Forward Email</a>.</p>
<div class="social-links">
<a href="https://github.com/forwardemail" title="GitHub"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 0c-6.626 0-12 5.373-12 12 0 5.302 3.438 9.8 8.207 11.387.599.111.793-.261.793-.577v-2.234c-3.338.726-4.033-1.416-4.033-1.416-.546-1.387-1.333-1.756-1.333-1.756-1.089-.745.083-.729.083-.729 1.205.084 1.839 1.237 1.839 1.237 1.07 1.834 2.807 1.304 3.492.997.107-.775.418-1.305.762-1.604-2.665-.305-5.467-1.334-5.467-5.931 0-1.311.469-2.381 1.236-3.221-.124-.303-.535-1.524.117-3.176 0 0 1.008-.322 3.301 1.23.957-.266 1.983-.399 3.003-.404 1.02.005 2.047.138 3.006.404 2.291-1.552 3.297-1.23 3.297-1.23.653 1.653.242 2.874.118 3.176.77.84 1.235 1.911 1.235 3.221 0 4.609-2.807 5.624-5.479 5.921.43.372.823 1.102.823 2.222v3.293c0 .319.192.694.801.576 4.765-1.589 8.199-6.086 8.199-11.386 0-6.627-5.373-12-12-12z"/></svg></a>
<a href="https://x.com/fwdemail" title="X"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><style>.x-logo { fill: #000000; }</style><path class="x-logo" d="M18.244 2.25h3.308l-7.227 8.26 8.502 11.24H16.17l-5.214-6.817L4.99 21.75H1.68l7.73-8.835L1.254 2.25H8.08l4.713 6.231zm-1.161 17.52h1.833L7.084 4.126H5.117z"/></svg></a>
</div>
</div>
</div>
</div>
<div class="footer-bottom">
<p>© 2025 SSHMonitor. All rights reserved.</p>
<a href="https://github.com/forwardemail/sshmonitor.com" class="edit-link">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="16" height="16">
<path d="M12 0c-6.626 0-12 5.373-12 12 0 5.302 3.438 9.8 8.207 11.387.599.111.793-.261.793-.577v-2.234c-3.338.726-4.033-1.416-4.033-1.416-.546-1.387-1.333-1.756-1.333-1.756-1.089-.745.083-.729.083-.729 1.205.084 1.839 1.237 1.839 1.237 1.07 1.834 2.807 1.304 3.492.997.107-.775.418-1.305.762-1.604-2.665-.305-5.467-1.334-5.467-5.931 0-1.311.469-2.381 1.236-3.221-.124-.303-.535-1.524.117-3.176 0 0 1.008-.322 3.301 1.23.957-.266 1.983-.399 3.003-.404 1.02.005 2.047.138 3.006.404 2.291-1.552 3.297-1.23 3.297-1.23.653 1.653.242 2.874.118 3.176.77.84 1.235 1.911 1.235 3.221 0 4.609-2.807 5.624-5.479 5.921.43.372.823 1.102.823 2.222v3.293c0 .319.192.694.801.576 4.765-1.589 8.199-6.086 8.199-11.386 0-6.627-5.373-12-12-12z"/>
</svg>
Edit this page
</a>
</div>
</div>
</footer>
<script>
// Add copy functionality to code blocks
document.querySelectorAll('.copy-button').forEach(button => {
button.addEventListener('click', () => {
const codeBlock = button.closest('.code-block, .github-code-container').querySelector('code, pre');
const textToCopy = codeBlock.textContent;
navigator.clipboard.writeText(textToCopy).then(() => {
button.textContent = 'Copied!';
setTimeout(() => {
button.textContent = 'Copy';
}, 2000);
});
});
});
</script>
</body>
</html>