幾種方法, 你參考看看
1.透過TCPWrapper可以過濾, /etc/hosts.allow, 限制哪些ip可連線
example:
all : 192.168.0.0/255.255.0.0 : allow
sshd : all : deny
2.利用iptables, 限制可以連線的ip
/etc/sysconfig/iptables
example:
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp \
--dport 22 -s 192.168.1.1-j ACCEPT
3.限制特殊來源與user /etc/ssh/ssh/sshd_config
example:
AllowUsers root@localhost, [email protected], [email protected], chlee
※ 引述《ying5320 (BillChen)》之銘言:
: pam_succeed_if(sshd:auth): error retrieving information about user chaya : 1
: time(s)
: pam_succeed_if(sshd:auth): error retrieving information about user carlota :
: 1 time(s)
: pam_succeed_if(sshd:auth): error retrieving information about user charisse
: : 1 time(s)
: 每天Linux的Log都會出現這種訊息
: 我在iptables的rule該怎麼寫
: 才不會出現這些不該有的攻擊?
--
1.透過TCPWrapper可以過濾, /etc/hosts.allow, 限制哪些ip可連線
example:
all : 192.168.0.0/255.255.0.0 : allow
sshd : all : deny
2.利用iptables, 限制可以連線的ip
/etc/sysconfig/iptables
example:
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp \
--dport 22 -s 192.168.1.1-j ACCEPT
3.限制特殊來源與user /etc/ssh/ssh/sshd_config
example:
AllowUsers root@localhost, [email protected], [email protected], chlee
※ 引述《ying5320 (BillChen)》之銘言:
: pam_succeed_if(sshd:auth): error retrieving information about user chaya : 1
: time(s)
: pam_succeed_if(sshd:auth): error retrieving information about user carlota :
: 1 time(s)
: pam_succeed_if(sshd:auth): error retrieving information about user charisse
: : 1 time(s)
: 每天Linux的Log都會出現這種訊息
: 我在iptables的rule該怎麼寫
: 才不會出現這些不該有的攻擊?
--
All Comments