I have a Server in Intranet under attack and I see the attacker list many IPs in intranet, guess this hacker trying to access them from my server. How can I know the ssh connect history, so I can confirm I'm the only victim?
This is basically a inverse quwstion of History of IP addresses that accessed a server via ssh
