Ubuntu Server 14 的 3 天行动:)
grep sshd.*Did /var/log/auth.log | tail -50
Feb 14 09:41:35 mantykora sshd[3797]: Did not receive identification string from 88.249.106.23
Feb 14 10:17:18 mantykora sshd[4027]: Did not receive identification string from 94.102.48.193
Feb 15 01:41:04 mantykora sshd[17267]: Did not receive identification string from 79.71.81.207
Feb 15 02:31:55 mantykora sshd[17321]: Did not receive identification string from 113.108.21.16
Feb 15 09:07:58 mantykora sshd[19183]: Did not receive identification string from 58.49.91.194
Feb 15 15:54:03 mantykora sshd[3128]: Did not receive identification string from 62.210.24.250
Feb 15 19:12:11 mantykora sshd[3723]: Did not receive identification string from 117.253.221.81
Feb 16 10:08:41 mantykora sshd[4953]: Did not receive identification string from 122.241.63.225
Feb 17 02:01:40 mantykora sshd[5839]: Did not receive identification string from 198.251.79.208
我尝试使用ufw limit OpenSSH
一天三次 sudo 来保护自己,但我不知道该怎么做。该怎么做?
答案1
更改 SSH 监听端口将阻止这些机器人攻击。
快速编辑:这不是一个长期的解决方案,但它可以阻止那些中国机器人在端口 22 上运行的大多数新的 SSH 连接上尝试简单的用户名和密码组合。