每分钟都有一条日志,每个用户名都摘取几条,这些都是企图暴力登录的日志?
Jan 14 09:19:32 linode-gentoo sshd[13280]: Invalid user gitolite from 91.121.203.75
Jan 14 09:20:32 linode-gentoo sshd[13418]: Invalid user gitolite from 91.121.203.75
Jan 14 09:21:37 linode-gentoo sshd[13593]: Invalid user gitolite from 91.121.203.75
Jan 14 09:28:06 linode-gentoo sshd[14601]: Invalid user gitosis from 91.121.203.75
Jan 14 09:29:17 linode-gentoo sshd[14783]: Invalid user gitosis from 91.121.203.75
Jan 14 09:30:12 linode-gentoo sshd[14966]: Invalid user gitosis from 91.121.203.75
Jan 14 11:32:19 linode-gentoo sshd[2620]: Invalid user a from 77.40.50.146
Jan 14 11:32:38 linode-gentoo sshd[2664]: Invalid user jenkins from 91.121.203.75
Jan 14 11:33:44 linode-gentoo sshd[2839]: Invalid user jenkins from 91.121.203.75
Jan 14 11:34:46 linode-gentoo sshd[3004]: Invalid user jenkins from 91.121.203.75
Jan 14 12:45:24 linode-gentoo sshd[15406]: Invalid user jira from 91.121.203.75
Jan 14 12:46:34 linode-gentoo sshd[15583]: Invalid user jira from 91.121.203.75
Jan 14 12:47:35 linode-gentoo sshd[15755]: Invalid user jira from 91.121.203.75
本地用git init --bare example.git 的简单方式搭建了几个git仓库,用户用git
git:x:1005:1005::/home/git:/usr/bin/git-shell
使用了 git-shell,禁止密码登录了,还加了相关规则,安全上应该能做的都做了,.
(详细见我以前总结的
http://tech.wutianqi.com/blog/2013/12/21/set-up-a-private-git-server-simply/ )
看监听端口也只有sshd, nginx, sendmail的端口,很好奇为啥会吸引别人来尝试用户gitolite, gitosis 这些来尝试登录?难道还能扫描到我系统里有git仓库?
这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。
https://www.v2ex.com/t/97021
V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。
V2EX is a community of developers, designers and creative people.