My Tencent Cloud host's login log shows lots of unknown IPs trying to log in. What's going on?

    yyh325 · 2019-12-30 10:15:01 +08:00 · 3800 views

    Dec 30 10:10:31 VM_0_12_centos sshd[30507]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.81.5 user=root
    Dec 30 10:10:31 VM_0_12_centos sshd[30507]: pam_succeed_if(sshd:auth): requirement "uid >= 1000" not met by user "root"
    Dec 30 10:10:33 VM_0_12_centos sshd[30507]: Failed password for root from 116.196.81.5 port 52750 ssh2
    Dec 30 10:10:33 VM_0_12_centos sshd[30507]: Received disconnect from 116.196.81.5 port 52750:11: Bye Bye [preauth]
    Dec 30 10:10:33 VM_0_12_centos sshd[30507]: Disconnected from 116.196.81.5 port 52750 [preauth]
    Dec 30 10:10:33 VM_0_12_centos sshd[30509]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.195 user=root
    Dec 30 10:10:33 VM_0_12_centos sshd[30509]: pam_succeed_if(sshd:auth): requirement "uid >= 1000" not met by user "root"
    Dec 30 10:10:36 VM_0_12_centos sshd[30509]: Failed password for root from 218.92.0.195 port 63674 ssh2
    Dec 30 10:10:36 VM_0_12_centos sshd[30509]: pam_succeed_if(sshd:auth): requirement "uid >= 1000" not met by user "root"
    Dec 30 10:10:38 VM_0_12_centos sshd[30515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.170.139.243 user=sshd
    Dec 30 10:10:38 VM_0_12_centos sshd[30515]: pam_succeed_if(sshd:auth): requirement "uid >= 1000" not met by user "sshd"
    Dec 30 10:10:38 VM_0_12_centos sshd[30509]: Failed password for root from 218.92.0.195 port 63674 ssh2
    Dec 30 10:10:38 VM_0_12_centos sshd[30509]: pam_succeed_if(sshd:auth): requirement "uid >= 1000" not met by user "root"
    Dec 30 10:10:40 VM_0_12_centos sshd[30515]: Failed password for sshd from 93.170.139.243 port 56436 ssh2
    Dec 30 10:10:40 VM_0_12_centos sshd[30509]: Failed password for root from 218.92.0.195 port 63674 ssh2
    Dec 30 10:10:40 VM_0_12_centos sshd[30509]: Received disconnect from 218.92.0.195 port 63674:11: [preauth]
    Dec 30 10:10:40 VM_0_12_centos sshd[30509]: Disconnected from 218.92.0.195 port 63674 [preauth]
    Dec 30 10:10:40 VM_0_12_centos sshd[30509]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.195 user=root
    Dec 30 10:10:40 VM_0_12_centos sshd[30515]: Received disconnect from 93.170.139.243 port 56436:11: Bye Bye [preauth]
    Dec 30 10:10:40 VM_0_12_centos sshd[30515]: Disconnected from 93.170.139.243 port 56436 [preauth]
    Dec 30 10:10:44 VM_0_12_centos sshd[30529]: Invalid user hxg from 106.13.3.214 port 42070
    Dec 30 10:10:44 VM_0_12_centos sshd[30529]: input_userauth_request: invalid user hxg [preauth]
    Dec 30 10:10:44 VM_0_12_centos sshd[30529]: pam_unix(sshd:auth): check pass; user unknown
    Dec 30 10:10:44 VM_0_12_centos sshd[30529]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.3.214
    Dec 30 10:10:46 VM_0_12_centos sshd[30529]: Failed password for invalid user hxg from 106.13.3.214 port 42070 ssh2
    Dec 30 10:10:46 VM_0_12_centos sshd[30529]: Received disconnect from 106.13.3.214 port 42070:11: Bye Bye [preauth]
    Dec 30 10:10:46 VM_0_12_centos sshd[30529]: Disconnected from 106.13.3.214 port 42070 [preauth]

    13 replies · 2019-12-30 21:41:14 +08:00
    #1 · yyh325 · OP · 2019-12-30 10:15:34 +08:00
    Logging in with Xshell is occasionally unbearably laggy, while logging in through the console is very smooth. Is that related to this?
    #2 · renmu · 2019-12-30 10:41:28 +08:00 via Android · ❤️ 1
    Someone is trying to brute-force you. Change your SSH port.
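    #3 · tianxianggezhu · 2019-12-30 10:44:15 +08:00 · ❤️ 1
    Lots of people attack. You can install some protective software, and you'll find that your server gets hit by at least several hundred attacks a day from all over the world.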
    #4 · tyzrj766 · 2019-12-30 10:45:41 +08:00 · ❤️ 1
    Port scanners. With port 22 open, on popular IP ranges and hosts, you can rack up tens of thousands in a few days.
    #5 · yyh325 · OP · 2019-12-30 10:48:45 +08:00
    OK, got it. Thanks a lot, guys.
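    #6 · stiekel · 2019-12-30 11:19:57 +08:00
    This is normal. Cloud providers' IP ranges all get their common ports scanned nonstop, and if it's 22 they will try to log in using a password dictionary. This isn't aimed at you; they scan everything.
    Change the port and it goes quiet.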
    #7 · flynaj · 2019-12-30 11:31:15 +08:00 via Android
    Change the port and it'll be quiet. Countless machines are scanning the default port.
    #8 · Les1ie · 2019-12-30 14:40:03 +08:00
    apt install fail2ban
    Instantly quiet.
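    #9 · annielong · 2019-12-30 18:15:26 +08:00
    Weak-password scanning, totally normal. Back then, an intranet Yonyou database with a weak password had its password changed less than 5 minutes after it was opened to the internet.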
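    #10 · opengps · 2019-12-30 18:31:10 +08:00
    The public internet is just this hostile: all kinds of scanners probing automatically and brute-forcing by exhaustive enumeration.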
    #11 · JamesR · 2019-12-30 19:01:40 +08:00 via Android
    Normal. Change the port as soon as you get the machine.
    #12 · leeton · 2019-12-30 19:11:49 +08:00
    I've even changed the port on my Windows hosts.
    #13 · zuoakang · 2019-12-30 21:41:14 +08:00 via Android
    Was this viewed with the last command?
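
Added example, not part of the original thread: a Python script that counts the `Failed password` entries from the log in the first post per source address and marks addresses that reach a threshold within a time window, the kind of rule fail2ban (reply #8) applies. The function names, the `maxretry`/`findtime` values and the year are assumptions; the sample lines are copied from the post.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Log lines copied from the first post (CentOS /var/log/secure format).
SAMPLE = """\
Dec 30 10:10:33 VM_0_12_centos sshd[30507]: Failed password for root from 116.196.81.5 port 52750 ssh2
Dec 30 10:10:36 VM_0_12_centos sshd[30509]: Failed password for root from 218.92.0.195 port 63674 ssh2
Dec 30 10:10:38 VM_0_12_centos sshd[30509]: Failed password for root from 218.92.0.195 port 63674 ssh2
Dec 30 10:10:40 VM_0_12_centos sshd[30515]: Failed password for sshd from 93.170.139.243 port 56436 ssh2
Dec 30 10:10:40 VM_0_12_centos sshd[30509]: Failed password for root from 218.92.0.195 port 63674 ssh2
Dec 30 10:10:44 VM_0_12_centos sshd[30529]: Invalid user hxg from 106.13.3.214 port 42070
Dec 30 10:10:46 VM_0_12_centos sshd[30529]: Failed password for invalid user hxg from 106.13.3.214 port 42070 ssh2
"""

# The user name is client-supplied, so match it greedily and anchor the address
# at the end of the line: the last " from <ip> port <n> ssh2" is sshd's own.
FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s\d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?P<invalid>invalid user )?(?P<user>.*) "
    r"from (?P<ip>\S+) port \d+ ssh2$"
)

def parse_failures(text, year=2019):
    """Yield (timestamp, ip, user, user_exists) per failed-password line."""
    for line in text.splitlines():
        m = FAILED.match(line.strip())
        if m:
            # syslog timestamps carry no year; the caller supplies it (assumption).
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            yield ts, m["ip"], m["user"], m["invalid"] is None

def summarize(text, maxretry=3, findtime=timedelta(minutes=10)):
    """Return per-IP counts, tried user names, and IPs over the threshold."""
    times, users = defaultdict(list), defaultdict(set)
    for ts, ip, user, _exists in parse_failures(text):
        times[ip].append(ts)
        users[ip].add(user)
    flagged = []
    for ip, stamps in times.items():
        stamps.sort()
        # Sliding window: compare each failure with the one maxretry-1 later.
        if any(b - a <= findtime for a, b in zip(stamps, stamps[maxretry - 1:])):
            flagged.append(ip)
    counts = {ip: len(s) for ip, s in times.items()}
    return counts, {ip: sorted(u) for ip, u in users.items()}, sorted(flagged)

if __name__ == "__main__":
    counts, users, flagged = summarize(SAMPLE)
    for ip in sorted(counts, key=counts.get, reverse=True):
        print(f"{ip:16} failures={counts[ip]} users={users[ip]} ban={ip in flagged}")
```

The `Invalid user hxg` line is deliberately not counted, because sshd logs the same attempt again as `Failed password for invalid user hxg`.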