- 论坛徽章:
- 0
|
我的服务器是架设在fedora上的qmail1.03,攻击方式是通过smtp访问猜用户账户和密码,maillog中的记录如下
Dec 5 23:38:17 mail vpopmail[8321]: vchkpw-smtp: password fail (pass: 'lplplp') lp@gc.net.cn:220.242.167.204
Dec 5 23:38:22 mail vpopmail[8324]: vchkpw-smtp: password fail (pass: '123456') lp@gc.net.cn:220.242.167.204
Dec 5 23:38:28 mail vpopmail[8327]: vchkpw-smtp: password fail (pass: '000000') lp@gc.net.cn:220.242.167.204
Dec 5 23:38:34 mail vpopmail[8330]: vchkpw-smtp: password fail (pass: '111111') lp@gc.net.cn:220.242.167.204
Dec 5 23:38:39 mail vpopmail[8333]: vchkpw-smtp: password fail (pass: '123123') lp@gc.net.cn:220.242.167.204
Dec 5 23:38:45 mail vpopmail[8336]: vchkpw-smtp: password fail (pass: '654321') lp@gc.net.cn:220.242.167.204
Dec 5 23:38:51 mail vpopmail[8339]: vchkpw-smtp: password fail (pass: '666666') lp@gc.net.cn:220.242.167.204
Dec 5 23:38:57 mail vpopmail[8342]: vchkpw-smtp: password fail (pass: '888888') lp@gc.net.cn:220.242.167.204
Dec 5 23:39:02 mail vpopmail[8345]: vchkpw-smtp: password fail (pass: '12345678') lp@gc.net.cn:220.242.167.204
Dec 5 23:39:08 mail vpopmail[8348]: vchkpw-smtp: password fail (pass: 'lplplp') lp@gc.net.cn:220.242.167.204
Dec 5 23:39:13 mail vpopmail[8351]: vchkpw-smtp: password fail (pass: '123456') lp@gc.net.cn:220.242.167.204
Dec 5 23:39:19 mail vpopmail[8354]: vchkpw-smtp: password fail (pass: '000000') lp@gc.net.cn:220.242.167.204
Dec 5 23:39:25 mail vpopmail[8357]: vchkpw-smtp: password fail (pass: '111111') lp@gc.net.cn:220.242.167.204
对于这种攻击行为,qmail有什么防御方法么?
我现在只能利用局域网的防火墙来禁止类似行为的ip的访问 |
|