Linux 菜鸟求帮忙看看这个 fail2ban 日志..装好基本保持了默认配置..这些日志内容是什么意思?我需要做什么调整吗?

V2EX = way to explore

V2EX 是一个关于分享和探索的地方

现在注册

已注册用户请登录

这是一个创建于 3588 天前的主题，其中的信息可能已经有所发展或是发生改变。

Jan 11 18:40:01 default CRON[3483]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
Jan 11 18:40:01 default CRON[3482]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 11 18:40:01 default CRON[3482]: pam_unix(cron:session): session closed for user root
Jan 11 18:40:05 default CRON[3483]: pam_unix(cron:session): session closed for user smmsp
Jan 11 19:00:01 default CRON[3504]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
Jan 11 19:00:05 default CRON[3504]: pam_unix(cron:session): session closed for user smmsp
Jan 11 19:16:58 default sshd[3525]: Bad protocol version identification 'GET / HTTP/1.0' from 198.35.46.4
Jan 11 19:16:58 default sshd[3526]: Did not receive identification string from 198.35.46.4
Jan 11 19:20:01 default CRON[3529]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
Jan 11 19:20:06 default CRON[3529]: pam_unix(cron:session): session closed for user smmsp
Jan 11 19:40:01 default CRON[3548]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
Jan 11 19:40:01 default CRON[3547]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 11 19:40:01 default CRON[3547]: pam_unix(cron:session): session closed for user root
Jan 11 19:40:05 default CRON[3548]: pam_unix(cron:session): session closed for user smmsp
Jan 11 20:00:01 default CRON[3569]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
Jan 11 20:00:05 default CRON[3569]: pam_unix(cron:session): session closed for user smmsp
Jan 11 20:17:19 default sshd[3589]: Bad protocol version identification 'GET / HTTP/1.0' from 198.35.46.4
Jan 11 20:17:19 default sshd[3590]: Did not receive identification string from 198.35.46.4
Jan 11 20:20:01 default CRON[3593]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
Jan 11 20:20:05 default CRON[3593]: pam_unix(cron:session): session closed for user smmsp
Jan 11 20:40:01 default CRON[3613]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
Jan 11 20:40:01 default CRON[3612]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 11 20:40:01 default CRON[3612]: pam_unix(cron:session): session closed for user root
Jan 11 20:40:05 default CRON[3613]: pam_unix(cron:session): session closed for user smmsp
Jan 11 21:00:01 default CRON[3633]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
Jan 11 21:00:06 default CRON[3633]: pam_unix(cron:session): session closed for user smmsp
Jan 11 21:16:57 default sshd[3654]: Bad protocol version identification 'GET / HTTP/1.0' from 198.35.46.4
Jan 11 21:16:57 default sshd[3655]: Did not receive identification string from 198.35.46.4
Jan 11 21:20:01 default CRON[3658]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
Jan 11 21:20:05 default CRON[3658]: pam_unix(cron:session): session closed for user smmsp
Jan 11 21:31:11 default sshd[3676]: Accepted publickey for root from 221.218.179.63 port 52227 ssh2
Jan 11 21:31:11 default sshd[3676]: pam_unix(sshd:session): session opened for user root by (uid=0)

default

cron

smmsp

3 条回复 • 2015-01-11 23:04:11 +08:00

9hills

2015-01-11 22:58:45 +08:00

sshd有Key登陆这种安全方式，要fail2ban干啥，闲的慌么

fail2ban的作用是其他不安全的协议，比如不得不开的ftp等。。

bmin

2015-01-11 23:02:12 +08:00

@9hills 我是想再架个blog什么的..

9hills

2015-01-11 23:04:11 +08:00

@bmin 你首先想清楚你要fail2ban干什么？保护ssh登陆？