我有个问题。
有人试图进入我的服务器,而且这种情况经常发生。例如:
Aug 19 14:11:42 oplot sshd[18373]: input_userauth_request: invalid user oracle
Aug 19 14:11:42 oplot sshd[18372]: pam_unix(sshd:auth): check pass; user unknown
Aug 19 14:11:42 oplot sshd[18372]: pam_unix(sshd:auth): authentication failure;
logname= uid=0 euid=0 tty=ssh ruser= rhost=211.38.137.44
Aug 19 14:11:44 oplot sshd[18372]: Failed password for invalid user oracle from
211.38.137.44 port 36 841 ssh2
Aug 19 14:11:45 oplot sshd[18373]: Received disconnect from 211.38.137.44: 11:
Bye Bye
Aug 19 14:11:47 oplot sshd[18374]: Invalid user test from 211.38.137.44
Aug 19 14:11:47 oplot sshd[18375]: input_userauth_request: invalid user test
Aug 19 14:11:47 oplot sshd[18374]: pam_unix(sshd:auth): check pass; user unknown
Aug 19 14:11:47 oplot sshd[18374]: pam_unix(sshd:auth): authentication failure;
logname= uid=0 euid=0 tty=ssh ruser= rhost=211.38.137.44
还有这个
Aug 19 14:58:51 oplot sshd[19543]: Failed password for root from 202.117.56.29
port 43025 ssh2
Aug 19 14:58:52 oplot sshd[19544]: Received disconnect from 202.117.56.29: 11:
Bye Bye
Aug 19 14:58:55 oplot sshd[19546]: reverse mapping checking getaddrinfo for
56h29.xjtu.edu.cn [202.117.56.29] failed - POSSIBLE BREAK-IN ATTEMPT!
你能向我解释一下“反向映射检查getaddrinfo”是什么意思吗?
在多次尝试后如何阻止 IP?