免费注册 查看新帖 |

Chinaunix

  平台 论坛 博客 文库
论坛 IT运维 服务器应用 我的dns日志中有很多这样的信息
最近访问板块 发新帖
查看: 1837 | 回复: 6
打印 上一主题 下一主题

我的dns日志中有很多这样的信息 [复制链接]

vv0885

论坛徽章:
0
跳转到指定楼层
1 [收藏(0)] [报告]
发表于 2008-07-15 10:48 |只看该作者 |倒序浏览
Jul 15 10:47:25 beneed sshd(pam_unix)[23560]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.196.13.4  user=root
Jul 15 10:47:28 beneed sshd(pam_unix)[23562]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.196.13.4  user=root
Jul 15 10:47:30 beneed sshd(pam_unix)[23564]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.196.13.4  user=root
Jul 15 10:47:33 beneed sshd(pam_unix)[23573]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.196.13.4  user=root
Jul 15 10:47:36 beneed sshd(pam_unix)[23599]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.196.13.4  user=root
Jul 15 10:47:39 beneed sshd(pam_unix)[23601]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.196.13.4  user=root
Jul 15 10:47:41 beneed sshd(pam_unix)[23604]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.196.13.4  user=root
Jul 15 10:47:44 beneed sshd(pam_unix)[23606]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.196.13.4  user=root
Jul 15 10:47:47 beneed sshd(pam_unix)[23609]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.196.13.4  user=root

这些是攻击吧!

应该怎么解决一下呢?
肥嘟嘟

论坛徽章:
0
2 [报告]
发表于 2008-07-15 11:17 |只看该作者

回复 #1 vv0885 的帖子

cat /var/log/secure |awk '/Failed/
贴出来看看
实战分享:从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线! | 新一代分布式关系型数据库RadonDB知多少?
jerrywjl

论坛徽章:
0
3 [报告]
发表于 2008-07-15 11:21 |只看该作者
的确很符合攻击特征。设法把ssh密码增强一些,然后配置ssh禁止root登录。
实战分享:从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线! | 新一代分布式关系型数据库RadonDB知多少?
vv0885

论坛徽章:
0
4 [报告]
发表于 2008-07-15 11:32 |只看该作者
原帖由 肥嘟嘟 于 2008-7-15 11:17 发表
cat /var/log/secure |awk '/Failed/
贴出来看看



Jul 15 10:41:01 beneed sshd[22672]: Failed password for root from ::ffff:58.196.13.4 port 56437 ssh2
Jul 15 10:41:04 beneed sshd[22675]: Failed password for root from ::ffff:58.196.13.4 port 57127 ssh2
Jul 15 10:41:07 beneed sshd[22677]: Failed password for root from ::ffff:58.196.13.4 port 38254 ssh2
Jul 15 10:41:09 beneed sshd[22679]: Failed password for root from ::ffff:58.196.13.4 port 41885 ssh2
Jul 15 10:41:12 beneed sshd[22681]: Failed password for root from ::ffff:58.196.13.4 port 42663 ssh2
Jul 15 10:41:15 beneed sshd[22683]: Failed password for root from ::ffff:58.196.13.4 port 43498 ssh2
Jul 15 10:41:17 beneed sshd[22685]: Failed password for root from ::ffff:58.196.13.4 port 44343 ssh2
Jul 15 10:41:20 beneed sshd[22687]: Failed password for root from ::ffff:58.196.13.4 port 45165 ssh2
Jul 15 10:41:23 beneed sshd[22689]: Failed password for root from ::ffff:58.196.13.4 port 45951 ssh2
Jul 15 10:41:26 beneed sshd[22691]: Failed password for root from ::ffff:58.196.13.4 port 46811 ssh2
Jul 15 10:41:28 beneed sshd[22693]: Failed password for root from ::ffff:58.196.13.4 port 47639 ssh2
Jul 15 10:41:31 beneed sshd[22695]: Failed password for root from ::ffff:58.196.13.4 port 48404 ssh2
Jul 15 10:41:34 beneed sshd[22697]: Failed password for root from ::ffff:58.196.13.4 port 49259 ssh2
Jul 15 10:41:36 beneed sshd[22699]: Failed password for root from ::ffff:58.196.13.4 port 50138 ssh2
Jul 15 10:41:39 beneed sshd[22701]: Failed password for root from ::ffff:58.196.13.4 port 50858 ssh2
Jul 15 10:41:42 beneed sshd[22703]: Failed password for root from ::ffff:58.196.13.4 port 51726 ssh2
Jul 15 10:41:44 beneed sshd[22705]: Failed password for root from ::ffff:58.196.13.4 port 52536 ssh2
Jul 15 10:41:47 beneed sshd[22707]: Failed password for root from ::ffff:58.196.13.4 port 53758 ssh2
Jul 15 10:41:50 beneed sshd[22709]: Failed password for root from ::ffff:58.196.13.4 port 54463 ssh2
Jul 15 10:41:53 beneed sshd[22711]: Failed password for root from ::ffff:58.196.13.4 port 55353 ssh2
Jul 15 10:41:55 beneed sshd[22713]: Failed password for root from ::ffff:58.196.13.4 port 56162 ssh2
Jul 15 10:41:58 beneed sshd[22715]: Failed password for root from ::ffff:58.196.13.4 port 57183 ssh2
Jul 15 10:42:01 beneed sshd[22717]: Failed password for root from ::ffff:58.196.13.4 port 37784 ssh2
Jul 15 10:42:03 beneed sshd[22719]: Failed password for root from ::ffff:58.196.13.4 port 41871 ssh2
Jul 15 10:42:06 beneed sshd[22721]: Failed password for root from ::ffff:58.196.13.4 port 42673 ssh2
Jul 15 10:42:09 beneed sshd[22723]: Failed password for root from ::ffff:58.196.13.4 port 43483 ssh2
Jul 15 10:42:11 beneed sshd[22725]: Failed password for root from ::ffff:58.196.13.4 port 44395 ssh2
Jul 15 10:42:14 beneed sshd[22727]: Failed password for root from ::ffff:58.196.13.4 port 45150 ssh2
实战分享:从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线! | 新一代分布式关系型数据库RadonDB知多少?
Dreamhat

论坛徽章:
0
5 [报告]
发表于 2008-07-15 11:34 |只看该作者
大哥,这是ssh的日志。。。。
密码设的复杂一点
这个让他去吧
实战分享:从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线! | 新一代分布式关系型数据库RadonDB知多少?
bigarade

论坛徽章:
0
6 [报告]
发表于 2008-07-15 12:05 |只看该作者
很多的ssh连接请求
实战分享:从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线! | 新一代分布式关系型数据库RadonDB知多少?
llzqq

论坛徽章:
0
7 [报告]
发表于 2008-07-16 07:39 |只看该作者
1.修改SSH监听端口为非22
2.采用SSH+KEY认证方式登陆
实战分享:从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线! | 新一代分布式关系型数据库RadonDB知多少?
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 注册

本版积分规则 发表回复

  

北京盛拓优讯信息技术有限公司. 版权所有 京ICP备16024965号-6 北京市公安局海淀分局网监中心备案编号:11010802020122 niuxiaotong@pcpop.com 17352615567
未成年举报专区
中国互联网协会会员  联系我们:huangweiwei@itpub.net
感谢所有关心和支持过ChinaUnix的朋友们 转载本站内容请注明原作者名及出处

清除 Cookies - ChinaUnix - Archiver - WAP - TOP