Disable ICMP (Not a good practice though) echo 'net.ipv4.icmp_echo_ignore_all = 1' >> /etc/sysctl.conf && sysctl -p Setup Fail2ban、Snort Use iptables、iptables-save、ufw Use Logwatch Use htop Check netstat netstat -ltnp Check login sessions w last -Faiwx | tail -n 30 lastlog