免费注册 查看新帖 |

Chinaunix

  平台 论坛 博客 文库
最近访问板块 发新帖
查看: 2219 | 回复: 9
打印 上一主题 下一主题

登陆日志问题! [复制链接]

论坛徽章:
0
跳转到指定楼层
1 [收藏(0)] [报告]
发表于 2006-07-22 00:50 |只看该作者 |倒序浏览
Jul 17 04:00:36 hszf sshd[30747]: Illegal user email from 218.57.129.48
Jul 17 04:00:38 hszf sshd[30749]: Illegal user irc from 218.57.129.48
Jul 17 04:00:39 hszf sshd[30751]: Illegal user trust from 218.57.129.48
Jul 17 04:00:41 hszf sshd[30753]: Illegal user information from 218.57.129.48
Jul 17 04:00:42 hszf sshd[30755]: Illegal user compact from 218.57.129.48
Jul 17 04:00:44 hszf sshd[30757]: Illegal user cdrom from 218.57.129.48
Jul 17 04:00:45 hszf sshd[30759]: Illegal user procesor from 218.57.129.48
Jul 17 04:00:47 hszf sshd[30761]: Illegal user viteo from 218.57.129.48
Jul 17 04:00:49 hszf sshd[30763]: Illegal user zipdrive from 218.57.129.48
Jul 17 04:00:50 hszf sshd[30765]: Illegal user zip from 218.57.129.48
Jul 17 04:00:52 hszf sshd[30767]: Illegal user ace from 218.57.129.48
Jul 17 04:00:53 hszf sshd[30769]: Illegal user rar from 218.57.129.48
Jul 17 04:00:55 hszf sshd[30771]: Illegal user winrar from 218.57.129.48
Jul 17 04:00:56 hszf sshd[30773]: Illegal user winace from 218.57.129.48
Jul 17 04:00:58 hszf sshd[30775]: Illegal user winzip from 218.57.129.48
Jul 17 04:00:59 hszf sshd[30777]: Illegal user ssh from 218.57.129.48
Jul 17 04:01:01 hszf sshd[30779]: Illegal user telnet from 218.57.129.48
Jul 17 04:01:02 hszf sshd[30791]: Illegal user freedom from 218.57.129.48
Jul 17 04:01:04 hszf sshd[30793]: Illegal user 1234 from 218.57.129.48
Jul 17 04:01:05 hszf sshd[30795]: Illegal user euro from 218.57.129.48
Jul 17 04:01:07 hszf sshd[30797]: Illegal user creditcard from 218.57.129.48
Jul 17 04:01:08 hszf sshd[30799]: Illegal user visa from 218.57.129.48
Jul 17 04:01:10 hszf sshd[30801]: Illegal user virtual from 218.57.129.48
Jul 17 04:01:11 hszf sshd[30803]: Illegal user eternity from 218.57.129.48
Jul 17 04:01:13 hszf sshd[30805]: Illegal user traxdata from 218.57.129.48
Jul 17 04:01:15 hszf sshd[30807]: Illegal user pleomax from 218.57.129.48
Jul 17 04:01:16 hszf sshd[30809]: Illegal user cellphone from 218.57.129.48
Jul 17 04:01:18 hszf sshd[30811]: Illegal user try from 218.57.129.48
Jul 17 04:01:19 hszf sshd[30813]: Illegal user gotit from 218.57.129.48
Jul 17 04:01:21 hszf sshd[30815]: Illegal user nologin from 218.57.129.48
Jul 17 04:01:22 hszf sshd[30817]: Illegal user adapter from 218.57.129.48
Jul 17 04:01:24 hszf sshd[30819]: Illegal user cable from 218.57.129.48
Jul 17 04:01:25 hszf sshd[30821]: Illegal user bed from 218.57.129.48
Jul 17 04:01:27 hszf sshd[30823]: Illegal user nivea from 218.57.129.48
Jul 17 04:01:28 hszf sshd[30825]: Illegal user kamill from 218.57.129.48
Jul 17 04:01:30 hszf sshd[30827]: Illegal user future from 218.57.129.48
Jul 17 04:01:32 hszf sshd[30829]: Illegal user smith from 218.57.129.48
Jul 17 04:01:34 hszf sshd[30831]: Illegal user jones from 218.57.129.48
Jul 17 04:01:36 hszf sshd[30833]: Illegal user tim from 218.57.129.48
Jul 17 04:01:37 hszf sshd[30835]: Illegal user usually from 218.57.129.48
Jul 17 04:01:39 hszf sshd[30837]: Illegal user always from 218.57.129.48
Jul 17 04:01:40 hszf sshd[30839]: Illegal user sometimes from 218.57.129.48
Jul 17 04:01:42 hszf sshd[30841]: Illegal user nornally from 218.57.129.48
Jul 17 04:01:43 hszf sshd[30843]: Illegal user often from 218.57.129.48
Jul 17 04:01:45 hszf sshd[30845]: Illegal user believe from 218.57.129.48
Jul 17 04:01:46 hszf sshd[30847]: Illegal user forget from 218.57.129.48
Jul 17 04:01:48 hszf sshd[30849]: Illegal user hear from 218.57.129.48
Jul 17 04:01:49 hszf sshd[30851]: Illegal user remember from 218.57.129.48
Jul 17 04:01:51 hszf sshd[30853]: Illegal user seen from 218.57.129.48
Jul 17 04:01:53 hszf sshd[30855]: Illegal user want from 218.57.129.48
Jul 17 04:01:54 hszf sshd[30857]: Illegal user wish from 218.57.129.48
Jul 17 04:01:56 hszf sshd[30859]: Illegal user susan from 218.57.129.48
Jul 17 04:01:57 hszf sshd[30861]: Illegal user mary from 218.57.129.48
Jul 17 04:01:59 hszf sshd[30863]: Illegal user peter from 218.57.129.48
Jul 17 04:02:00 hszf sshd[30865]: Illegal user england from 218.57.129.48
Jul 17 04:02:04 hszf sshd[31048]: Failed password for root from 218.57.129.48 port 41738 ssh2
Jul 17 04:02:08 hszf sshd[31198]: Failed password for root from 218.57.129.48 port 41946 ssh2
Jul 17 04:02:12 hszf sshd[31213]: Failed password for root from 218.57.129.48 port 42144 ssh2
Jul 17 04:02:14 hszf sshd[31252]: Illegal user compas from 218.57.129.48
Jul 17 04:02:18 hszf sshd[31254]: Failed password for root from 218.57.129.48 port 42430 ssh2
Jul 17 04:02:21 hszf sshd[31256]: Failed password for root from 218.57.129.48 port 42635 ssh2
能帮忙分析下这些数据吗?
顺便问一下ssh服务常时间开放,是不是不利于服务器的安全?

论坛徽章:
0
2 [报告]
发表于 2006-07-22 02:58 |只看该作者
没有关系,别人在扫描你的密码。你系统用户密码如果不是很菜,没有问题的。
别担心,一般公共站点,开了ssh的,都会遇到这种情况。

论坛徽章:
0
3 [报告]
发表于 2006-07-22 09:49 |只看该作者
谢谢指点,我今天把密码在改长些,复杂些,最长可以设置多少位哦?

论坛徽章:
0
4 [报告]
发表于 2006-07-22 09:54 |只看该作者
64位应该就够长了吧。

论坛徽章:
0
5 [报告]
发表于 2006-07-22 10:21 |只看该作者
让别人扫吧,把root密码搞好,让扫的人郁闷吧(不过你用ssh的话一定要保证你登录的客户机上没被别人放上什么记录键盘之类的后门程序呀)

论坛徽章:
0
6 [报告]
发表于 2006-07-22 10:24 |只看该作者
在那看这个日志?

论坛徽章:
0
7 [报告]
发表于 2006-07-23 00:46 |只看该作者
/var/log/auth.log
或/root/.bsah_history

论坛徽章:
0
8 [报告]
发表于 2006-07-23 01:00 |只看该作者
常常换密码

论坛徽章:
0
9 [报告]
发表于 2006-10-11 10:38 |只看该作者

最好的办法!

最好的办法是不要用基于password的验证方式。而采用基于publickey+passphrase的验证方式。这样他再扫也没用,哈哈!

论坛徽章:
0
10 [报告]
发表于 2006-10-11 11:22 |只看该作者
受教了◎…………
您需要登录后才可以回帖 登录 | 注册

本版积分规则 发表回复

  

北京盛拓优讯信息技术有限公司. 版权所有 京ICP备16024965号-6 北京市公安局海淀分局网监中心备案编号:11010802020122 niuxiaotong@pcpop.com 17352615567
未成年举报专区
中国互联网协会会员  联系我们:huangweiwei@itpub.net
感谢所有关心和支持过ChinaUnix的朋友们 转载本站内容请注明原作者名及出处

清除 Cookies - ChinaUnix - Archiver - WAP - TOP