 Unauthorized access is an attack in which an attacker tries to break in into another system. For example, assume that the attacker wants to break into Bob's system using SSH. To get access, the attacker may try to brute force Bob's password. Assume the attacker first tries password 12345. The login attempt is sent to Bob, but since 12345 is not the correct password, Bob's system reacts with an error message. After reception of this error message, the attacker knows that password 12345 doesn't work. The attacker may now try another password, for example, ABCDE. The second login attempt is also sent to Bob, but since ABCDE is also incorrect, an error message is returned again. The attacker knows that ABCDE is also incorrect and may now try Alice's password. The third login attempt is now sent to Bob, but this time the attacker guessed the right password and the welcome message is returned. The attacker has now gained access to Bob's system by guessing a number of passwords. A brute force attack to guess passwords is just one way to get unauthorized access. Other ways to get login credentials is to perform phishing or social engineering attacks. Once the attacker has access, he may install a rootkit or a backdoor to allow later login attempts. To detect unauthorized access, the security officer may install an intrusion detection system or shortly IDS. To prevent from unauthorized access, the network manager may install a firewall or use a white list which limits access to only well-known sources or a black list which prevents access from certain sources. A specific tool to protect against SSH brute force attacks is failed to ban.