Linux 菜鸟求帮忙看看这个 fail2ban 日志..装好基本保持了默认配置..这些日志内容是什么意思?我需要做什么调整吗?

2015-01-11 21:35:37 +08:00
 bmin

Jan 11 18:40:01 default CRON[3483]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
Jan 11 18:40:01 default CRON[3482]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 11 18:40:01 default CRON[3482]: pam_unix(cron:session): session closed for user root
Jan 11 18:40:05 default CRON[3483]: pam_unix(cron:session): session closed for user smmsp
Jan 11 19:00:01 default CRON[3504]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
Jan 11 19:00:05 default CRON[3504]: pam_unix(cron:session): session closed for user smmsp
Jan 11 19:16:58 default sshd[3525]: Bad protocol version identification 'GET / HTTP/1.0' from 198.35.46.4
Jan 11 19:16:58 default sshd[3526]: Did not receive identification string from 198.35.46.4
Jan 11 19:20:01 default CRON[3529]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
Jan 11 19:20:06 default CRON[3529]: pam_unix(cron:session): session closed for user smmsp
Jan 11 19:40:01 default CRON[3548]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
Jan 11 19:40:01 default CRON[3547]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 11 19:40:01 default CRON[3547]: pam_unix(cron:session): session closed for user root
Jan 11 19:40:05 default CRON[3548]: pam_unix(cron:session): session closed for user smmsp
Jan 11 20:00:01 default CRON[3569]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
Jan 11 20:00:05 default CRON[3569]: pam_unix(cron:session): session closed for user smmsp
Jan 11 20:17:19 default sshd[3589]: Bad protocol version identification 'GET / HTTP/1.0' from 198.35.46.4
Jan 11 20:17:19 default sshd[3590]: Did not receive identification string from 198.35.46.4
Jan 11 20:20:01 default CRON[3593]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
Jan 11 20:20:05 default CRON[3593]: pam_unix(cron:session): session closed for user smmsp
Jan 11 20:40:01 default CRON[3613]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
Jan 11 20:40:01 default CRON[3612]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 11 20:40:01 default CRON[3612]: pam_unix(cron:session): session closed for user root
Jan 11 20:40:05 default CRON[3613]: pam_unix(cron:session): session closed for user smmsp
Jan 11 21:00:01 default CRON[3633]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
Jan 11 21:00:06 default CRON[3633]: pam_unix(cron:session): session closed for user smmsp
Jan 11 21:16:57 default sshd[3654]: Bad protocol version identification 'GET / HTTP/1.0' from 198.35.46.4
Jan 11 21:16:57 default sshd[3655]: Did not receive identification string from 198.35.46.4
Jan 11 21:20:01 default CRON[3658]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
Jan 11 21:20:05 default CRON[3658]: pam_unix(cron:session): session closed for user smmsp
Jan 11 21:31:11 default sshd[3676]: Accepted publickey for root from 221.218.179.63 port 52227 ssh2
Jan 11 21:31:11 default sshd[3676]: pam_unix(sshd:session): session opened for user root by (uid=0)

3567 次点击
所在节点    问与答
3 条回复
9hills
2015-01-11 22:58:45 +08:00
sshd有Key登陆这种安全方式,要fail2ban干啥,闲的慌么

fail2ban的作用是其他不安全的协议,比如不得不开的ftp等。。
bmin
2015-01-11 23:02:12 +08:00
@9hills 我是想再架个blog什么的..
9hills
2015-01-11 23:04:11 +08:00
@bmin 你首先想清楚你要fail2ban干什么?保护ssh登陆?

这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。

https://www.v2ex.com/t/161221

V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。

V2EX is a community of developers, designers and creative people.

© 2021 V2EX