Question about a mysterious log from the E-smith package
From : Nick


Date : 10-04-06 19:41

Hi all,

I run a small Linux server with the E-smith package on it.

Every day I get an automatically generated status report, and lately
there has been a whole lot like the below.

Is it because someone is trying to log in and testing all sorts of passwords?
How can I stop that traffic? That is, do I need to install some more
security stuff?
I'm fumbling around a bit in the dark, since I understand very little Linux.
If I've posted in the wrong NG, my apologies.

Thanks for any help!

/Nick

---

Here is what it wrote last night, for example:

Denied 7126 packets on interface eth1

---------------------- Kernel End -------------------------


--------------------- SSHD Begin ------------------------


Failed logins from these:

--- cut a *LOT* of lines out

zxvf/password from 81.208.107.227: 2 Time(s)
zy/none from 66.181.245.226: 2 Time(s)
zy/password from 66.181.245.226: 2 Time(s)
zz/none from 66.181.245.226: 2 Time(s)
zz/password from 66.181.245.226: 2 Time(s)
/none from 66.181.245.226: 2 Time(s)
/password from 66.181.245.226: 2 Time(s)
---





 
 
Kent Friis (10-04-2006)
Comment
From : Kent Friis


Date : 10-04-06 19:50

On Mon, 10 Apr 2006 20:40:58 +0200, Nick wrote:
> Hi all,
>
> I run a small Linux server with the E-smith package on it.
>
> Every day I get an automatically generated status report, and lately
> there has been a whole lot like the below.
>
> Is it because someone is trying to log in and testing all sorts of passwords?
> How can I stop that traffic? That is, do I need to install some more
> security stuff?
> I'm fumbling around a bit in the dark, since I understand very little Linux.
> If I've posted in the wrong NG, my apologies.
>
> Here is what it wrote last night, for example:
>
> Denied 7126 packets on interface eth1
> From 0.0.0.0 - 2 packets to udp(67)

DHCP - if you run DHCP you will have a problem when you block them. You
simply lose your IP address when they time out.

> From 8.85.12.152 - 10 packets to udp(1025,1026,1027,1028,1029)
> From 83.5.48.15 - 6 packets to tcp(445)
> From 83.5.49.56 - 6 packets to tcp(445)
> From 83.88.66.226 - 132 packets to tcp(135,445)
> From 83.88.133.195 - 138 packets to tcp(80,135,445,5000,31337)

People who think you are running Windows, either Windows machines "looking
for friends", or bad guys trying today's Windows security hole. Nothing
to be nervous about; I would suggest turning it off. The interesting
thing in a firewall log is not the packets that were blocked anyway
(they didn't get in, after all), but the ones that were NOT blocked.

> --------------------- SSHD Begin ------------------------
> Failed logins from these:
> Aaliyah/password from 81.208.107.227: 2 Time(s)
> Aaron/password from 81.208.107.227: 2 Time(s)
> Aba/password from 81.208.107.227: 2 Time(s)
> Abel/password from 81.208.107.227: 2 Time(s)
> Access/password from 81.208.107.227: 2 Time(s)
> Chicago/password from 81.208.107.227: 4 Time(s)

Dictionary attack against ssh. Two suggestions:

1. If you don't need SSH from the internet, block it in the
firewall or hosts.allow/deny. If you do need it, but only from
certain IP ranges, allow those and block the rest.

2. Set it up to require public key authentication instead of
password. Admittedly that still gives a lot of filler in the log file,
but they will never guess a random 1024-bit (or more) key.

Regards
Kent
--
Hard work may pay off in the long run, but laziness pays off right now.
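
Added example, not part of Kent's post: a small check that an `sshd_config` really enforces his suggestion 2 (key-only logins). The function names and the two sample configurations are constructed for illustration; the defaults used are upstream OpenSSH's and a distribution may ship different ones.

```python
# Upstream OpenSSH defaults that apply when a keyword is absent (assumption:
# the distribution has not changed them).
DEFAULTS = {
    "passwordauthentication": "yes",
    "kbdinteractiveauthentication": "yes",
    "pubkeyauthentication": "yes",
}
# Deprecated alias still found in older configuration files.
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}

# Constructed sample: the second line looks like hardening but is ignored,
# because sshd keeps the first value it reads for a keyword.
WEAK = """\
PasswordAuthentication yes
PasswordAuthentication no
"""

# Constructed sample: key-only logins.
HARDENED = """\
PubkeyAuthentication yes
PasswordAuthentication no
ChallengeResponseAuthentication no
"""


def effective_settings(config_text):
    """Return (settings, has_match) for the global section of sshd_config.

    Keywords are case-insensitive and the first value wins. Parsing stops at
    the first Match block: its overrides are conditional, so they are
    reported rather than evaluated.
    """
    settings = {}
    has_match = False
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Keyword and argument are separated by whitespace or a single '='.
        parts = line.replace("=", " ", 1).split(None, 1)
        keyword = parts[0].lower()
        value = parts[1].split()[0].lower() if len(parts) > 1 else ""
        if keyword == "match":
            has_match = True
            break
        keyword = ALIASES.get(keyword, keyword)
        settings.setdefault(keyword, value)  # keep the first value only
    for keyword, default in DEFAULTS.items():
        settings.setdefault(keyword, default)
    return settings, has_match


def audit(config_text):
    """List the reasons password guessing could still succeed."""
    settings, has_match = effective_settings(config_text)
    findings = []
    if settings["passwordauthentication"] != "no":
        findings.append("PasswordAuthentication is not 'no'")
    if settings["kbdinteractiveauthentication"] != "no":
        findings.append("keyboard-interactive is enabled "
                        "(it can prompt for passwords through PAM)")
    if settings["pubkeyauthentication"] != "yes":
        findings.append("PubkeyAuthentication is off, so keys cannot be used")
    if has_match:
        findings.append("Match blocks present: review their overrides by hand")
    return findings


if __name__ == "__main__":
    for name, text in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name, audit(text) or "key-only logins enforced")
```
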

Alex Holst (11-04-2006)
Comment
From : Alex Holst


Date : 11-04-06 01:48

Nick wrote:
> Is it because someone is trying to log in and testing all sorts of passwords?
> How can I stop that traffic? That is, do I need to install some more
> security stuff?
> I'm fumbling around a bit in the dark, since I understand very little Linux.

I don't know E-smith, but I would think it is one of those systems that
forces you to become skilled in a very short time (because many services
are running, and they have to be turned off to prevent break-ins).

The FAQ's item 9 on servers on the net describes some points you can take
note of:
   http://sikkerhed-faq.dk/servere
The item is not particularly OS- or technology-specific, but that is
deliberate. If you have comments or questions about the item, I would
very much like to answer them or improve the content of the FAQ.

The first part of the status report says that an IP filter has stopped
a lot of traffic to your machine. Without knowing more about your network and
your requirements, it is hard for us to say exactly which parts of the traffic
should be allowed.

The second part says that a tool has tried, via SSH, to guess the
passwords for a lot of accounts that (in most cases) do not exist
on your system. Make sure you have decent passwords on your accounts.
Consider using SSH keys. If you don't use SSH, turn the service off.


--
I prefer the dark of the night, after midnight and before four-thirty,
when it's more bare, more hollow. http://a.mongers.org

OSS/FAQ for dk.edb.sikkerhed: http://sikkerhed-faq.dk
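
Added example, not part of the thread: a parser for the two parts of the status report discussed above, which counts the denied sources per port and picks out the SSH sources that cycled through many account names. The function names, the `min_users` threshold of 3 and the sample report (documentation addresses only) are constructed for illustration.

```python
import re
from collections import defaultdict

# Line formats as they appear in the report quoted in the thread.
PACKET_RE = re.compile(r"^From (\S+) - (\d+) packets? to (tcp|udp)\(([\d,]+)\)$")
LOGIN_RE = re.compile(r"^(.*)/(\w+) from (\S+): (\d+) Time\(s\)$")

# Constructed sample in the report's format; not data from the original post.
SAMPLE_REPORT = """\
Denied 40 packets on interface eth1
From 0.0.0.0 - 2 packets to udp(67)
From 192.0.2.10 - 6 packets to tcp(445)
From 192.0.2.11 - 20 packets to tcp(135,445)
From 198.51.100.7 - 12 packets to tcp(135)

Failed logins from these:
admin/password from 203.0.113.5: 88 Time(s)
adam/password from 203.0.113.5: 32 Time(s)
alex/password from 203.0.113.5: 26 Time(s)
admin/password from 203.0.113.9: 6 Time(s)
/none from 203.0.113.9: 2 Time(s)
"""


def parse_report(text):
    """Split the report into denied-packet rows and failed-login rows."""
    denied, logins = [], []
    for raw in text.splitlines():
        line = raw.lstrip("> ").strip()  # also accept lines quoted in a reply
        m = PACKET_RE.match(line)
        if m:
            ports = [int(p) for p in m.group(4).split(",")]
            denied.append((m.group(1), int(m.group(2)), m.group(3), ports))
            continue
        m = LOGIN_RE.match(line)
        if m:
            user, method, src, times = m.groups()  # user may be empty
            logins.append((user, method, src, int(times)))
    return denied, logins


def sources_per_port(denied):
    """Count distinct sources per (proto, port).

    A row such as tcp(135,445) carries one packet total for both ports, so
    packets cannot be attributed to a single port; sources can.
    """
    seen = defaultdict(set)
    for src, _packets, proto, ports in denied:
        for port in ports:
            seen[(proto, port)].add(src)
    return {key: len(srcs) for key, srcs in seen.items()}


def guessing_sources(logins, min_users=3):
    """Return {source: (attempts, distinct_users)} for every source that tried
    at least min_users different account names (a dictionary run)."""
    attempts = defaultdict(int)
    users = defaultdict(set)
    for user, _method, src, times in logins:
        attempts[src] += times
        users[src].add(user)
    return {src: (attempts[src], len(users[src]))
            for src in attempts if len(users[src]) >= min_users}


if __name__ == "__main__":
    denied_rows, login_rows = parse_report(SAMPLE_REPORT)
    for (proto, port), count in sorted(sources_per_port(denied_rows).items()):
        print(f"{proto}/{port}: {count} source(s)")
    print(guessing_sources(login_rows))
```
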
