block possible break in attempts with UFW
cat /var/log/auth.log | grep BREAK-IN | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | uniq | xargs -I ip sudo ufw insert 1 deny from ip