Witam
Portsentry zainstalowane i uruchomione a pliki z banowanymi adresami puste
Mam na myśli portsentry.blocked.atcp i portsentry.blocked.audp
oraz portsentry.history
Natomiast w logach :
Oct 24 20:47:04 router_nnd sshd[14920]: Invalid user jeff from 202.9.98.225
Oct 24 20:47:04 router_nnd sshd[14920]: Excess permission or bad ownership on file /var/log/btmp
Oct 24 20:47:05 router_nnd sshd[14920]: error: Could not get shadow information for NOUSER
Oct 24 20:47:05 router_nnd sshd[14920]: Failed password for invalid user jeff from 202.9.98.225 port 40919 ssh2
Oct 24 20:47:05 router_nnd sshd[14920]: Excess permission or bad ownership on file /var/log/btmp
Oct 24 20:47:09 router_nnd sshd[14930]: Invalid user irc from 202.9.98.225
Oct 24 20:47:09 router_nnd sshd[14930]: Excess permission or bad ownership on file /var/log/btmp
Oct 24 20:47:09 router_nnd sshd[14930]: error: Could not get shadow information for NOUSER
Oct 24 20:47:09 router_nnd sshd[14930]: Failed password for invalid user irc from 202.9.98.225 port 41016 ssh2
Oct 24 20:47:09 router_nnd sshd[14930]: Excess permission or bad ownership on file /var/log/btmp
Oct 24 20:47:14 router_nnd sshd[14948]: Invalid user list from 202.9.98.225
Oct 24 20:47:14 router_nnd sshd[14948]: Excess permission or bad ownership on file /var/log/btmp
Oct 24 20:47:14 router_nnd sshd[14948]: error: Could not get shadow information for NOUSER
Oct 24 20:47:14 router_nnd sshd[14948]: Failed password for invalid user list from 202.9.98.225 port 41115 ssh2
Oct 24 20:47:14 router_nnd sshd[14948]: Excess permission or bad ownership on file /var/log/btmp
Oct 24 20:47:18 router_nnd sshd[14958]: Invalid user eleve from 202.9.98.225
Oct 24 20:47:18 router_nnd sshd[14958]: Excess permission or bad ownership on file /var/log/btmp
Oct 24 20:47:18 router_nnd sshd[14958]: error: Could not get shadow information for NOUSER
Oct 24 20:47:18 router_nnd sshd[14958]: Failed password for invalid user eleve from 202.9.98.225 port 41217 ssh2
Oct 24 20:47:18 router_nnd sshd[14958]: Excess permission or bad ownership on file /var/log/btmp
Oct 24 20:47:22 router_nnd sshd[14974]: Invalid user proxy from 202.9.98.225
Portsentry mam w demonach
Czy może go mam postawić w rc.local z konkretną komendą np.
portsentry -stcp start 
a z rc.conf usunąć
Może ktoś mi poda swój konfig
Albo chociaż poprowadzi mnie za rączkę
Jaka może być tego przyczyna
Mój plik z ignorowanymi to :
# Put hosts in here you never want blocked. This includes the IP addresses
# of all local interfaces on the protected host (i.e virtual host, mult-home)
# Keep 127.0.0.1 and 0.0.0.0 to keep people from playing games.
#
# PortSentry can support full netmasks for networks as well. Format is:
#
# <IP Address>/<Netmask>
#
# Example:
#
# 192.168.2.0/24
# 192.168.0.0/16
# 192.168.2.1/32
# Etc.
#
# If you don't supply a netmask it is assumed to be 32 bits.
#
#
127.0.0.1/32
0.0.0.0
192.168.1.0/24
192.168.2.0/24
83.17.142.242
Powiedzcie mi co jest nie tak
Konfiga portsentry nie ruszałem i jest orginalny
_________________
Pozdrawiam
Damiano
---------------
Pomogłem
Kliknij ikonkę "Pomógł"
Miejcie litość - ja dopiero zaczynam
Zaloguj się
Zarejestruj się
FAQ
Szukaj
