登陆日志问题！

ASKV-UNIX

Jul 17 04:00:36 hszf sshd[30747]: Illegal user email from 218.57.129.48
Jul 17 04:00:38 hszf sshd[30749]: Illegal user irc from 218.57.129.48
Jul 17 04:00:39 hszf sshd[30751]: Illegal user trust from 218.57.129.48
Jul 17 04:00:41 hszf sshd[30753]: Illegal user information from 218.57.129.48
Jul 17 04:00:42 hszf sshd[30755]: Illegal user compact from 218.57.129.48
Jul 17 04:00:44 hszf sshd[30757]: Illegal user cdrom from 218.57.129.48
Jul 17 04:00:45 hszf sshd[30759]: Illegal user procesor from 218.57.129.48
Jul 17 04:00:47 hszf sshd[30761]: Illegal user viteo from 218.57.129.48
Jul 17 04:00:49 hszf sshd[30763]: Illegal user zipdrive from 218.57.129.48
Jul 17 04:00:50 hszf sshd[30765]: Illegal user zip from 218.57.129.48
Jul 17 04:00:52 hszf sshd[30767]: Illegal user ace from 218.57.129.48
Jul 17 04:00:53 hszf sshd[30769]: Illegal user rar from 218.57.129.48
Jul 17 04:00:55 hszf sshd[30771]: Illegal user winrar from 218.57.129.48
Jul 17 04:00:56 hszf sshd[30773]: Illegal user winace from 218.57.129.48
Jul 17 04:00:58 hszf sshd[30775]: Illegal user winzip from 218.57.129.48
Jul 17 04:00:59 hszf sshd[30777]: Illegal user ssh from 218.57.129.48
Jul 17 04:01:01 hszf sshd[30779]: Illegal user telnet from 218.57.129.48
Jul 17 04:01:02 hszf sshd[30791]: Illegal user freedom from 218.57.129.48
Jul 17 04:01:04 hszf sshd[30793]: Illegal user 1234 from 218.57.129.48
Jul 17 04:01:05 hszf sshd[30795]: Illegal user euro from 218.57.129.48
Jul 17 04:01:07 hszf sshd[30797]: Illegal user creditcard from 218.57.129.48
Jul 17 04:01:08 hszf sshd[30799]: Illegal user visa from 218.57.129.48
Jul 17 04:01:10 hszf sshd[30801]: Illegal user virtual from 218.57.129.48
Jul 17 04:01:11 hszf sshd[30803]: Illegal user eternity from 218.57.129.48
Jul 17 04:01:13 hszf sshd[30805]: Illegal user traxdata from 218.57.129.48
Jul 17 04:01:15 hszf sshd[30807]: Illegal user pleomax from 218.57.129.48
Jul 17 04:01:16 hszf sshd[30809]: Illegal user cellphone from 218.57.129.48
Jul 17 04:01:18 hszf sshd[30811]: Illegal user try from 218.57.129.48
Jul 17 04:01:19 hszf sshd[30813]: Illegal user gotit from 218.57.129.48
Jul 17 04:01:21 hszf sshd[30815]: Illegal user nologin from 218.57.129.48
Jul 17 04:01:22 hszf sshd[30817]: Illegal user adapter from 218.57.129.48
Jul 17 04:01:24 hszf sshd[30819]: Illegal user cable from 218.57.129.48
Jul 17 04:01:25 hszf sshd[30821]: Illegal user bed from 218.57.129.48
Jul 17 04:01:27 hszf sshd[30823]: Illegal user nivea from 218.57.129.48
Jul 17 04:01:28 hszf sshd[30825]: Illegal user kamill from 218.57.129.48
Jul 17 04:01:30 hszf sshd[30827]: Illegal user future from 218.57.129.48
Jul 17 04:01:32 hszf sshd[30829]: Illegal user smith from 218.57.129.48
Jul 17 04:01:34 hszf sshd[30831]: Illegal user jones from 218.57.129.48
Jul 17 04:01:36 hszf sshd[30833]: Illegal user tim from 218.57.129.48
Jul 17 04:01:37 hszf sshd[30835]: Illegal user usually from 218.57.129.48
Jul 17 04:01:39 hszf sshd[30837]: Illegal user always from 218.57.129.48
Jul 17 04:01:40 hszf sshd[30839]: Illegal user sometimes from 218.57.129.48
Jul 17 04:01:42 hszf sshd[30841]: Illegal user nornally from 218.57.129.48
Jul 17 04:01:43 hszf sshd[30843]: Illegal user often from 218.57.129.48
Jul 17 04:01:45 hszf sshd[30845]: Illegal user believe from 218.57.129.48
Jul 17 04:01:46 hszf sshd[30847]: Illegal user forget from 218.57.129.48
Jul 17 04:01:48 hszf sshd[30849]: Illegal user hear from 218.57.129.48
Jul 17 04:01:49 hszf sshd[30851]: Illegal user remember from 218.57.129.48
Jul 17 04:01:51 hszf sshd[30853]: Illegal user seen from 218.57.129.48
Jul 17 04:01:53 hszf sshd[30855]: Illegal user want from 218.57.129.48
Jul 17 04:01:54 hszf sshd[30857]: Illegal user wish from 218.57.129.48
Jul 17 04:01:56 hszf sshd[30859]: Illegal user susan from 218.57.129.48
Jul 17 04:01:57 hszf sshd[30861]: Illegal user mary from 218.57.129.48
Jul 17 04:01:59 hszf sshd[30863]: Illegal user peter from 218.57.129.48
Jul 17 04:02:00 hszf sshd[30865]: Illegal user england from 218.57.129.48
Jul 17 04:02:04 hszf sshd[31048]: Failed password for root from 218.57.129.48 port 41738 ssh2
Jul 17 04:02:08 hszf sshd[31198]: Failed password for root from 218.57.129.48 port 41946 ssh2
Jul 17 04:02:12 hszf sshd[31213]: Failed password for root from 218.57.129.48 port 42144 ssh2
Jul 17 04:02:14 hszf sshd[31252]: Illegal user compas from 218.57.129.48
Jul 17 04:02:18 hszf sshd[31254]: Failed password for root from 218.57.129.48 port 42430 ssh2
Jul 17 04:02:21 hszf sshd[31256]: Failed password for root from 218.57.129.48 port 42635 ssh2
能帮忙分析下这些数据吗？
顺便问一下ssh服务常时间开放，是不是不利于服务器的安全？

cnchun

没有关系，别人在扫描你的密码。你系统用户密码如果不是很菜，没有问题的。
别担心，一般公共站点，开了ssh的，都会遇到这种情况。

ASKV-UNIX

谢谢指点，我今天把密码在改长些，复杂些，最长可以设置多少位哦？

sakulagi

64位应该就够长了吧。

fish007

让别人扫吧,把root密码搞好,让扫的人郁闷吧(不过你用ssh的话一定要保证你登录的客户机上没被别人放上什么记录键盘之类的后门程序呀)

7号

在那看这个日志？

ASKV-UNIX

/var/log/auth.log
或/root/.bsah_history

chinamyrice

常常换密码

tdyne

最好的办法是不要用基于password的验证方式。而采用基于publickey＋passphrase的验证方式。这样他再扫也没用，哈哈！

lingfen1552

受教了◎…………