使用 frp 被攻击如何解决?

187 天前
 qingjiang

在查看 frp 访问日志,发现有很多不明 ip 访问,如何避免第三方人员尝试暴力破解我 rdp 远程我电脑

frp 主要是通过公网 ip 访问我本机电脑

2024/06/17 12:45:07 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [162.142.125.221:48378]
2024/06/17 12:45:10 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [162.142.125.221:60352]
2024/06/17 12:45:20 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [162.142.125.221:50120]
2024/06/17 12:45:21 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [162.142.125.221:50128]
2024/06/17 12:45:24 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [162.142.125.221:50202]
2024/06/17 12:45:26 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [162.142.125.221:50242]
2024/06/17 12:45:28 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [162.142.125.221:42014]
2024/06/17 12:45:30 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [162.142.125.221:42030]
2024/06/17 13:26:55 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [31.7.62.234:16329]

2024/06/17 17:17:07 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:19049]
2024/06/17 17:17:16 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:16324]
2024/06/17 17:17:25 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:11307]
2024/06/17 17:17:35 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:11612]
2024/06/17 17:17:51 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:25823]
2024/06/17 17:18:11 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:56210]

2024/06/17 17:21:41 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:16180]
2024/06/17 17:21:48 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:8667]
2024/06/17 17:21:56 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:1718]
2024/06/17 17:22:05 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:56618]
2024/06/17 17:22:13 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:54482]
2024/06/17 17:22:22 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:50210]
2024/06/17 17:22:29 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:46044]
2024/06/17 17:22:41 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:43085]
2024/06/17 17:22:47 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:40606]
2024/06/17 17:22:57 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:37749]

2024/06/17 17:25:12 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:57101]
2024/06/17 17:25:24 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:3258]
2024/06/17 17:25:38 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:7663]
2024/06/17 17:25:46 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:11377]
2024/06/17 17:25:56 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:12172]


2024/06/17 17:31:11 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:12566]
2024/06/17 17:31:22 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:7181]
2024/06/17 17:31:31 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:1530]
2024/06/17 17:31:36 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:55700]
2024/06/17 17:31:44 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:50725]
2024/06/17 17:31:51 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:42979]
2024/06/17 17:32:02 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:36753]
2024/06/17 17:32:16 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:24377]
2024/06/17 17:32:17 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:30330]
2024/06/17 17:32:24 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:19330]
2024/06/17 17:32:32 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:13066]
2024/06/17 17:32:41 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:9114]
2024/06/17 17:32:49 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:4523]
2024/06/17 17:32:58 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:58245]
2024/06/17 17:33:16 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:3276]
2024/06/17 17:33:37 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:12056]
2024/06/17 17:33:59 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:20584]
2024/06/17 17:34:06 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:18587]
2024/06/17 17:34:15 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:16103]
2024/06/17 17:34:25 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:16179]
2024/06/17 17:34:33 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:10687]
2024/06/17 17:34:42 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:7411]
2024/06/17 17:34:50 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:3361]


1843 次点击
所在节点    信息安全
13 条回复
Yukineko
187 天前
可以考虑用 fail2ban 拦一下连接
qingjiang
187 天前
@Yukineko 好,我试试
Edwardlyz
187 天前
考虑一下改成开放 ssh 端口,禁止密码连接,只能私钥连接,shh 到远程后再 ssh 端口转发把 3389 端口转发出来就行;简洁且难度低易上手
jimmy2010
187 天前
frp 不是可以设置密码么?客户端需要密码才能和服务端建立连接吧?
yeqizhang
187 天前
我之前是要用的时候再打开穿透远程桌面端口
yeqizhang
187 天前
@yeqizhang 在云服务器的防火墙页面设置
idragonet
187 天前
很简单 frp 只绑定 127.0.0.1 ,用 LUCKY 转发外网+设置 IP 白名单。
Paulownia
187 天前
我记得 frp 可以实现点对点通信的
haimianbihdata
187 天前
走 stcp 协议出去
hanierming
187 天前
访问就访问呗,你设置密码不就好了。
akin520
187 天前
https://github.com/akin520/frps_fw
新版本的可以试试
xiaozhang1997
187 天前
frp 上来之后 fail2ban 应该是拦不住的把 都是本地链接,我自己是强密码或者密钥登的
qingjiang
184 天前
好,大家的建议我都试试

这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。

https://www.v2ex.com/t/1050936

V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。

V2EX is a community of developers, designers and creative people.

© 2021 V2EX