Block all outgoing ssh traffic

ssh security hacking iptables

It's not that easy. If your server got compromised, you got to investigate it.

First, block all incoming traffic to it, but your service (example, ports 80 and 443) Block access to ssh from any source, but your.

Second, I suggest starting installing and running softwares like clamav, chkrootkit and rkhunter. These software can scan your machine and identify several well-known exploits.

Third, take a look at all running process, logs and the like

Fourth, apply some hardening techniques to your machine

Related

Docker change existing stack to start with user namespace but keep images, volumes and containers
How to generate CSR for multi-domain (UCC) purchased SSL certificate?
How to use literal "." in Apache VirtualDocumentRoot
Can't access SSH after run iptables -P OUTPUT DROP
How to allow an SCP client to change file mod time without being the owner
Why is Apache trying to kill a process on startup and why would that cause a failure for Apache to start?
PHP fsockopen giving error with SSL
Time changes by one hour while rebooting RHEL8 Linux server
How to enforce https on client/browsers
Postfix -- mandatory TLS encryption not working for port 25 "relay sending"
IPTables causes conflict with Fail2Ban
Nginx and https - Specifying an ip address as a server_name gives the correct website but the wrong certificate