Freesco, NND, CDN, EOS • Wyświetl temat - Proba logowania sie na serwer

Posty bez odpowiedzi | Aktywne tematy

Indeks witryny » NND » Instalacja i konfiguracja (NND)

Strefa czasowa UTC+2godz.

Proba logowania sie na serwer

Moderatorzy: tasiorek, JakubC, Mis'

Strona 1 z 1

[ Posty: 6 ]

Podgląd wydruku

Poprzedni temat | Następny temat

Autor

Wiadomość

blacha

Tytuł: Proba logowania sie na serwer

: środa, 22 lutego 2006, 15:22

Rejestracja: środa, 12 października 2005, 13:34
Posty: 12

Witam
Problem jest taki
Otoz od jakiegos czasu mam takie logi

Cytuj:

Feb 22 14:12:57 router sshd[22267]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:12:57 router sshd[22267]: error: Could not get shadow information for NOUSER
Feb 22 14:12:57 router sshd[22267]: Failed password for invalid user eleve from 213.214.76.227 port 54731 ssh2
Feb 22 14:12:57 router sshd[22267]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:12:58 router sshd[22269]: Invalid user proxy from 213.214.76.227
Feb 22 14:12:58 router sshd[22269]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:12:58 router sshd[22269]: error: Could not get shadow information for NOUSER
Feb 22 14:12:58 router sshd[22269]: Failed password for invalid user proxy from 213.214.76.227 port 54794 ssh2
Feb 22 14:12:58 router sshd[22269]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:00 router sshd[22272]: Invalid user sys from 213.214.76.227
Feb 22 14:13:00 router sshd[22272]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:00 router sshd[22272]: error: Could not get shadow information for NOUSER
Feb 22 14:13:00 router sshd[22272]: Failed password for invalid user sys from 213.214.76.227 port 54850 ssh2
Feb 22 14:13:00 router sshd[22272]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:01 router sshd[22274]: Invalid user zzz from 213.214.76.227
Feb 22 14:13:01 router sshd[22274]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:01 router sshd[22274]: error: Could not get shadow information for NOUSER
Feb 22 14:13:01 router sshd[22274]: Failed password for invalid user zzz from 213.214.76.227 port 54896 ssh2
Feb 22 14:13:01 router sshd[22274]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:02 router sshd[22277]: Invalid user frank from 213.214.76.227
Feb 22 14:13:02 router sshd[22277]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:02 router sshd[22277]: error: Could not get shadow information for NOUSER
Feb 22 14:13:02 router sshd[22277]: Failed password for invalid user frank from 213.214.76.227 port 54941 ssh2
Feb 22 14:13:02 router sshd[22277]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:05 router sshd[22280]: Invalid user dan from 213.214.76.227
Feb 22 14:13:05 router sshd[22280]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:05 router sshd[22280]: error: Could not get shadow information for NOUSER
Feb 22 14:13:05 router sshd[22280]: Failed password for invalid user dan from 213.214.76.227 port 55007 ssh2
Feb 22 14:13:05 router sshd[22280]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:06 router sshd[22283]: Invalid user james from 213.214.76.227
Feb 22 14:13:07 router sshd[22283]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:07 router sshd[22283]: error: Could not get shadow information for NOUSER
Feb 22 14:13:07 router sshd[22283]: Failed password for invalid user james from 213.214.76.227 port 55134 ssh2
Feb 22 14:13:07 router sshd[22283]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:08 router sshd[22285]: Invalid user snort from 213.214.76.227
Feb 22 14:13:08 router sshd[22285]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:08 router sshd[22285]: error: Could not get shadow information for NOUSER
Feb 22 14:13:08 router sshd[22285]: Failed password for invalid user snort from 213.214.76.227 port 55187 ssh2
Feb 22 14:13:08 router sshd[22285]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:10 router sshd[22288]: Invalid user radiomail from 213.214.76.227
Feb 22 14:13:10 router sshd[22288]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:10 router sshd[22288]: error: Could not get shadow information for NOUSER
Feb 22 14:13:10 router sshd[22288]: Failed password for invalid user radiomail from 213.214.76.227 port 55260 ssh2
Feb 22 14:13:10 router sshd[22288]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:11 router sshd[22291]: Invalid user harrypotter from 213.214.76.227
Feb 22 14:13:11 router sshd[22291]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:11 router sshd[22291]: error: Could not get shadow information for NOUSER
Feb 22 14:13:11 router sshd[22291]: Failed password for invalid user harrypotter from 213.214.76.227 port 55335 ssh2
Feb 22 14:13:11 router sshd[22291]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:12 router sshd[22293]: Invalid user divine from 213.214.76.227
Feb 22 14:13:12 router sshd[22293]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:12 router sshd[22293]: error: Could not get shadow information for NOUSER
Feb 22 14:13:12 router sshd[22293]: Failed password for invalid user divine from 213.214.76.227 port 55412 ssh2
Feb 22 14:13:12 router sshd[22293]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:14 router sshd[22296]: Invalid user popa3d from 213.214.76.227
Feb 22 14:13:14 router sshd[22296]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:14 router sshd[22296]: error: Could not get shadow information for NOUSER
Feb 22 14:13:14 router sshd[22296]: Failed password for invalid user popa3d from 213.214.76.227 port 55480 ssh2
Feb 22 14:13:14 router sshd[22296]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:15 router sshd[22298]: Invalid user aptproxy from 213.214.76.227
Feb 22 14:13:15 router sshd[22298]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:15 router sshd[22298]: error: Could not get shadow information for NOUSER
Feb 22 14:13:15 router sshd[22298]: Failed password for invalid user aptproxy from 213.214.76.227 port 55558 ssh2
Feb 22 14:13:15 router sshd[22298]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:19 router sshd[22300]: Invalid user desktop from 213.214.76.227
Feb 22 14:13:19 router sshd[22300]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:19 router sshd[22300]: error: Could not get shadow information for NOUSER
Feb 22 14:13:19 router sshd[22300]: Failed password for invalid user desktop from 213.214.76.227 port 55614 ssh2
Feb 22 14:13:19 router sshd[22300]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:20 router sshd[22302]: Invalid user workshop from 213.214.76.227
Feb 22 14:13:20 router sshd[22302]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:20 router sshd[22302]: error: Could not get shadow information for NOUSER
Feb 22 14:13:20 router sshd[22302]: Failed password for invalid user workshop from 213.214.76.227 port 55822 ssh2
Feb 22 14:13:20 router sshd[22302]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:21 router sshd[22304]: Invalid user mailnull from 213.214.76.227
Feb 22 14:13:21 router sshd[22304]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:21 router sshd[22304]: error: Could not get shadow information for NOUSER
Feb 22 14:13:21 router sshd[22304]: Failed password for invalid user mailnull from 213.214.76.227 port 55890 ssh2
Feb 22 14:13:21 router sshd[22304]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:22 router sshd[22306]: Invalid user nfsnobody from 213.214.76.227
Feb 22 14:13:22 router sshd[22306]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:22 router sshd[22306]: error: Could not get shadow information for NOUSER
Feb 22 14:13:22 router sshd[22306]: Failed password for invalid user nfsnobody from 213.214.76.227 port 55950 ssh2
Feb 22 14:13:22 router sshd[22306]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:23 router sshd[22308]: Invalid user rpcuser from 213.214.76.227
Feb 22 14:13:23 router sshd[22308]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:23 router sshd[22308]: error: Could not get shadow information for NOUSER
Feb 22 14:13:23 router sshd[22308]: Failed password for invalid user rpcuser from 213.214.76.227 port 56016 ssh2
Feb 22 14:13:23 router sshd[22308]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:25 router sshd[22310]: Invalid user rpc from 213.214.76.227
Feb 22 14:13:25 router sshd[22310]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:25 router sshd[22310]: error: Could not get shadow information for NOUSER
Feb 22 14:13:25 router sshd[22310]: Failed password for invalid user rpc from 213.214.76.227 port 56090 ssh2
Feb 22 14:13:25 router sshd[22310]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:26 router sshd[22312]: Invalid user gopher from 213.214.76.227
Feb 22 14:13:26 router sshd[22312]: Excess permission or bad ownership on file /var/log/btmp
Feb 22 14:13:26 router sshd[22312]: error: Could not get shadow information for NOUSER
Feb 22 14:13:26 router sshd[22312]: Failed password for invalid user gopher from 213.214.76.227 port 56158 ssh2
Feb 22 14:13:26 router sshd[22312]: Excess permission or bad ownership on file /var/log/btmp

Domyslam sie ze ktos chce zalogowac sie na moj komputer przez ssh. Moze to jest atak brute force ?? Tzn to tylko takie przypuszczenia.
Pytanie moje jest nastepujace jak moge sie zabezpieczyc przed takim czyms ? Potrzebuje ssh do logowania sie z domu na serwer wiec zablokowanie go przez firewall odpada.
Ewentualnie moglbym zablokowac to IP jednak czasem zdaza sie tez taka proba z innych IP
Pozdrawiam

_________________

Na górę

Tytuł:

: środa, 22 lutego 2006, 15:27

Użytkownik

Rejestracja: czwartek, 19 sierpnia 2004, 15:18
Posty: 1273
Lokalizacja: Tychy

poczytaj było z 1000 razy
zmień port

_________________
Pomogłem ? wypij moje zdrowie
Nie polemizuj z idiotą - najpierw sprowadzi Cię do swojego poziomu, a później pobije doświadczeniem.

Na górę

JOSH

Tytuł:

: środa, 22 lutego 2006, 20:27

Użytkownik

Rejestracja: środa, 2 listopada 2005, 16:36
Posty: 116

Też miałem takie logi, zmieniłem port i cisza.

a i tak ps, myślę ,że brute force różni się od metody słownikowej

_________________
P3 550, 256 ram 512 cache + 20gb 2,5 cala

NND 8mbit adsl

Na górę

webster21

Tytuł:

: sobota, 25 lutego 2006, 21:39

Użytkownik

Rejestracja: niedziela, 22 lutego 2004, 10:40
Posty: 140

A ja poradzilem sobie w taki sposob ze wpisalem regulki do hosts.allow z kompow z ktorych najczesciej korzystam.

_________________
Mnie tu nie ma i nie bylo

Na górę

marask

Tytuł:

: sobota, 25 lutego 2006, 22:44

Użytkownik

Rejestracja: sobota, 26 listopada 2005, 07:47
Posty: 864

ale to nie zawsze nadaje się do wykorzystania :/ Ale zmiana portu + max 6 prób zalogowania i po kłopocie... albo skrypt czerwo

Na górę

czerwo

Tytuł:

: niedziela, 26 lutego 2006, 15:23

MODERATOR

Rejestracja: wtorek, 31 sierpnia 2004, 23:06
Posty: 3267
Lokalizacja: Katowice

ja mam na 22

i mam czesto takie logi
Feb 26 10:49:58 serwer sshd[14920]: fatal: Timeout before authentication for 218.106.119.245

dziwne Timeout ciekawe czemu :twisted:

_________________
Obrazek

Na górę

Strona 1 z 1

[ Posty: 6 ]

Indeks witryny » NND » Instalacja i konfiguracja (NND)

Strefa czasowa UTC+2godz.

Kto jest online

Użytkownicy przeglądający to forum: Obecnie na forum nie ma żadnego zarejestrowanego użytkownika i 29 gości

Nie możesz tworzyć nowych tematów
Nie możesz odpowiadać w tematach
Nie możesz zmieniać swoich postów
Nie możesz usuwać swoich postów
Nie możesz dodawać załączników