我有一台挂在网上的电脑老被攻击怎么办-灌水聊天-老男人游戏网配套论坛

我有一台挂在网上的电脑老被攻击怎么办

RtcBoy 2020-11-7 2556

有一台装了linux的电脑，为了方便使用，在公网上开了ssh，端口当然是改过的，密码也是字母数字大小写神马的。但是我现在看日志每分钟都有好几次的非法登陆尝试。一开始我用了个脚本，只要错误登陆多次，就把IP放进黑名单，现在我给改成一次了。但是还是不放心啊，感觉被什么盯上了一样。

jboss    ssh:notty    120.36.3.101     Sun Nov 1 03:31 - 03:31 (00:00)
jboss    ssh:notty    120.36.3.101     Sun Nov 1 03:31 - 03:31 (00:00)
icinga   ssh:notty    45.124.112.175   Sun Nov 1 03:31 - 03:31 (00:00)
icinga   ssh:notty    45.124.112.175   Sun Nov 1 03:31 - 03:31 (00:00)
hadoop   ssh:notty    123.157.219.83   Sun Nov 1 03:31 - 03:31 (00:00)
hadoop   ssh:notty    123.157.219.83   Sun Nov 1 03:31 - 03:31 (00:00)
desarrol ssh:notty    dslc3e450a6.fixi Sun Nov 1 03:30 - 03:30 (00:00)
desarrol ssh:notty    dslc3e450a6.fixi Sun Nov 1 03:30 - 03:30 (00:00)
julien   ssh:notty    45.ip-37-187-54. Sun Nov 1 03:30 - 03:30 (00:00)
julien   ssh:notty    45.ip-37-187-54. Sun Nov 1 03:30 - 03:30 (00:00)
admin    ssh:notty    81.68.203.111    Sun Nov 1 03:30 - 03:30 (00:00)
admin    ssh:notty    81.68.203.111    Sun Nov 1 03:30 - 03:30 (00:00)
admin    ssh:notty    190.117.250.61   Sun Nov 1 03:30 - 03:30 (00:00)
admin    ssh:notty    190.117.250.61   Sun Nov 1 03:30 - 03:30 (00:00)
guest    ssh:notty    182.74.25.246    Sun Nov 1 03:29 - 03:29 (00:00)
guest    ssh:notty    182.74.25.246    Sun Nov 1 03:29 - 03:29 (00:00)
benny    ssh:notty    106.75.67.6      Sun Nov 1 03:29 - 03:29 (00:00)
benny    ssh:notty    106.75.67.6      Sun Nov 1 03:29 - 03:29 (00:00)
root     ssh:notty    dslc3e450a6.fixi Sun Nov 1 03:29 - 03:29 (00:00)
automati ssh:notty    45.124.112.175   Sun Nov 1 03:29 - 03:29 (00:00)
automati ssh:notty    45.124.112.175   Sun Nov 1 03:29 - 03:29 (00:00)
travis   ssh:notty    81.68.203.111    Sun Nov 1 03:28 - 03:28 (00:00)
travis   ssh:notty    81.68.203.111    Sun Nov 1 03:28 - 03:28 (00:00)
oracle   ssh:notty    124.152.118.131 Sun Nov 1 03:28 - 03:28 (00:00)
oracle   ssh:notty    124.152.118.131 Sun Nov 1 03:28 - 03:28 (00:00)
trixie   ssh:notty    129.226.146.44   Sun Nov 1 03:28 - 03:28 (00:00)
trixie   ssh:notty    129.226.146.44   Sun Nov 1 03:28 - 03:28 (00:00)
sheller ssh:notty    dslc3e450a6.fixi Sun Nov 1 03:28 - 03:28 (00:00)
sheller ssh:notty    dslc3e450a6.fixi Sun Nov 1 03:28 - 03:28 (00:00)
db2fenc2 ssh:notty    49.234.105.96    Sun Nov 1 03:27 - 03:27 (00:00)
db2fenc2 ssh:notty    49.234.105.96    Sun Nov 1 03:27 - 03:27 (00:00)
print    ssh:notty    81.68.203.111    Sun Nov 1 03:27 - 03:27 (00:00)
print    ssh:notty    81.68.203.111    Sun Nov 1 03:27 - 03:27 (00:00)
back     ssh:notty    45.ip-37-187-54. Sun Nov 1 03:27 - 03:27 (00:00)
back     ssh:notty    45.ip-37-187-54. Sun Nov 1 03:27 - 03:27 (00:00)
applprod ssh:notty    dslc3e450a6.fixi Sun Nov 1 03:27 - 03:27 (00:00)
applprod ssh:notty    dslc3e450a6.fixi Sun Nov 1 03:27 - 03:27 (00:00)
ftpuser ssh:notty    45.124.112.175   Sun Nov 1 03:26 - 03:26 (00:00)
ftpuser ssh:notty    45.124.112.175   Sun Nov 1 03:26 - 03:26 (00:00)
root     ssh:notty    106.75.67.6      Sun Nov 1 03:26 - 03:26 (00:00)
root     ssh:notty    190.117.250.61   Sun Nov 1 03:26 - 03:26 (00:00)
leon     ssh:notty    81.68.203.111    Sun Nov 1 03:25 - 03:25 (00:00)
leon     ssh:notty    81.68.203.111    Sun Nov 1 03:25 - 03:25 (00:00)
rd       ssh:notty    dslc3e450a6.fixi Sun Nov 1 03:25 - 03:25 (00:00)
rd       ssh:notty    dslc3e450a6.fixi Sun Nov 1 03:25 - 03:25 (00:00)
root     ssh:notty    124.152.118.131 Sun Nov 1 03:25 - 03:25 (00:00)
elias    ssh:notty    120.36.3.101     Sun Nov 1 03:25 - 03:25 (00:00)
elias    ssh:notty    120.36.3.101     Sun Nov 1 03:25 - 03:25 (00:00)
cron     ssh:notty    129.226.146.44   Sun Nov 1 03:24 - 03:24 (00:00)
cron     ssh:notty    129.226.146.44   Sun Nov 1 03:24 - 03:24 (00:00)
root     ssh:notty    182.74.25.246    Sun Nov 1 03:24 - 03:24 (00:00)
root     ssh:notty    dslc3e450a6.fixi Sun Nov 1 03:24 - 03:24 (00:00)
cactiuse ssh:notty    49.234.105.96    Sun Nov 1 03:24 - 03:24 (00:00)
cactiuse ssh:notty    49.234.105.96    Sun Nov 1 03:24 - 03:24 (00:00)
test     ssh:notty    45.124.112.175   Sun Nov 1 03:24 - 03:24 (00:00)
root     ssh:notty    81.68.203.111    Sun Nov 1 03:24 - 03:24 (00:00)
test     ssh:notty    45.124.112.175   Sun Nov 1 03:24 - 03:24 (00:00)
rancher ssh:notty    45.ip-37-187-54. Sun Nov 1 03:23 - 03:23 (00:00)
rancher ssh:notty    45.ip-37-187-54. Sun Nov 1 03:23 - 03:23 (00:00)
test     ssh:notty    106.75.67.6      Sun Nov 1 03:23 - 03:23 (00:00)
test     ssh:notty    106.75.67.6      Sun Nov 1 03:23 - 03:23 (00:00)
mysql    ssh:notty    dslc3e450a6.fixi Sun Nov 1 03:23 - 03:23 (00:00)
mysql    ssh:notty    dslc3e450a6.fixi Sun Nov 1 03:23 - 03:23 (00:00)
root     ssh:notty    123.157.219.83   Sun Nov 1 03:23 - 03:23 (00:00)
root     ssh:notty    81.68.203.111    Sun Nov 1 03:22 - 03:22 (00:00)
user     ssh:notty    124.152.118.131 Sun Nov 1 03:22 - 03:22 (00:00)
user     ssh:notty    124.152.118.131 Sun Nov 1 03:22 - 03:22 (00:00)
low      ssh:notty    190.117.250.61   Sun Nov 1 03:22 - 03:22 (00:00)
low      ssh:notty    190.117.250.61   Sun Nov 1 03:22 - 03:22 (00:00)
1        ssh:notty    45.124.112.175   Sun Nov 1 03:21 - 03:21 (00:00)
1        ssh:notty    45.124.112.175   Sun Nov 1 03:21 - 03:21 (00:00)
ds       ssh:notty    dslc3e450a6.fixi Sun Nov 1 03:21 - 03:21 (00:00)
ds       ssh:notty    dslc3e450a6.fixi Sun Nov 1 03:21 - 03:21 (00:00)
vmware   ssh:notty    182.74.25.246    Sun Nov 1 03:21 - 03:21 (00:00)
vmware   ssh:notty    182.74.25.246    Sun Nov 1 03:21 - 03:21 (00:00)
cron     ssh:notty    129.226.146.44   Sun Nov 1 03:21 - 03:21 (00:00)
cron     ssh:notty    129.226.146.44   Sun Nov 1 03:21 - 03:21 (00:00)
bocloud ssh:notty    81.68.203.111    Sun Nov 1 03:21 - 03:21 (00:00)
bocloud ssh:notty    81.68.203.111    Sun Nov 1 03:21 - 03:21 (00:00)
rhino    ssh:notty    49.234.105.96    Sun Nov 1 03:21 - 03:21 (00:00)
rhino    ssh:notty    49.234.105.96    Sun Nov 1 03:21 - 03:21 (00:00)
delete   ssh:notty    dslc3e450a6.fixi Sun Nov 1 03:20 - 03:20 (00:00)
delete   ssh:notty    dslc3e450a6.fixi Sun Nov 1 03:20 - 03:20 (00:00)
kfserver ssh:notty    81.68.203.111    Sun Nov 1 03:19 - 03:19 (00:00)
kfserver ssh:notty    81.68.203.111    Sun Nov 1 03:19 - 03:19 (00:00)
rancher ssh:notty    45.124.112.175   Sun Nov 1 03:19 - 03:19 (00:00)
rancher ssh:notty    45.124.112.175   Sun Nov 1 03:19 - 03:19 (00:00)
ftpusr   ssh:notty    dslc3e450a6.fixi Sun Nov 1 03:19 - 03:19 (00:00)
ftpusr   ssh:notty    dslc3e450a6.fixi Sun Nov 1 03:19 - 03:19 (00:00)
test     ssh:notty    112.29.238.18    Sun Nov 1 03:19 - 03:19 (00:00)
test     ssh:notty    112.29.238.18    Sun Nov 1 03:19 - 03:19 (00:00)
root     ssh:notty    123.157.219.83   Sun Nov 1 03:19 - 03:19 (00:00)
postgres ssh:notty    124.152.118.131 Sun Nov 1 03:18 - 03:18 (00:00)
postgres ssh:notty    124.152.118.131 Sun Nov 1 03:18 - 03:18 (00:00)
jessalyn ssh:notty    182.74.25.246    Sun Nov 1 03:18 - 03:18 (00:00)
jessalyn ssh:notty    182.74.25.246    Sun Nov 1 03:18 - 03:18 (00:00)
liu      ssh:notty    81.68.203.111    Sun Nov 1 03:18 - 03:18 (00:00)
liu      ssh:notty    81.68.203.111    Sun Nov 1 03:18 - 03:18 (00:00)
anna     ssh:notty    dslc3e450a6.fixi Sun Nov 1 03:18 - 03:18 (00:00)
anna     ssh:notty    dslc3e450a6.fixi Sun Nov 1 03:18 - 03:18 (00:00)

上一篇：双11各位老男人都收到什么好宝贝了？出来晒一晒？
下一篇：发现了一个错误

最新回复 (7)

RtcBoy 楼主 2020-11-7

0 2楼

看这用户名和IP的，好像是在使用僵尸网络在撞库，有些IP是带域名的还能访问，比如mx1.eitd.gov.kh
Oldman 2020-11-7

0 3楼

很多服务器都有被暴力测试密码，你把密码改复杂点，增加校验码，屏蔽一部分IP，能改善很多，要彻底根治我觉得不可能。
sslyd 2020-11-8

0 4楼

ssh被爆破嘛？？改ssh默认端口然后设置公钥登录
进站劣人 2020-11-8

0 5楼

完全看不懂在说什么。
Linux_YL 2020-11-8

0 6楼

游戏玩家完全看不懂在说什么。
我和你一样感觉上面三位好厉害，都是学习黑客的嘛？
yang2000ling 2020-11-8

0 7楼

改ssh默认端口然后设置公钥登录，百度一下有很多教程
RtcBoy 楼主 2020-11-8

0 8楼

sslyd ssh被爆破嘛？？改ssh默认端口然后设置公钥登录
是个好主意，我回头试试