V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
qingjiang
V2EX  ›  信息安全

使用 frp 被攻击如何解决?

  •  
  •   qingjiang · 186 天前 · 1840 次点击
    这是一个创建于 186 天前的主题,其中的信息可能已经有所发展或是发生改变。

    在查看 frp 访问日志,发现有很多不明 ip 访问,如何避免第三方人员尝试暴力破解我 rdp 远程我电脑

    frp 主要是通过公网 ip 访问我本机电脑

    2024/06/17 12:45:07 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [162.142.125.221:48378]
    2024/06/17 12:45:10 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [162.142.125.221:60352]
    2024/06/17 12:45:20 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [162.142.125.221:50120]
    2024/06/17 12:45:21 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [162.142.125.221:50128]
    2024/06/17 12:45:24 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [162.142.125.221:50202]
    2024/06/17 12:45:26 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [162.142.125.221:50242]
    2024/06/17 12:45:28 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [162.142.125.221:42014]
    2024/06/17 12:45:30 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [162.142.125.221:42030]
    2024/06/17 13:26:55 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [31.7.62.234:16329]
    
    2024/06/17 17:17:07 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:19049]
    2024/06/17 17:17:16 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:16324]
    2024/06/17 17:17:25 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:11307]
    2024/06/17 17:17:35 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:11612]
    2024/06/17 17:17:51 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:25823]
    2024/06/17 17:18:11 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:56210]
    
    2024/06/17 17:21:41 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:16180]
    2024/06/17 17:21:48 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:8667]
    2024/06/17 17:21:56 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:1718]
    2024/06/17 17:22:05 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:56618]
    2024/06/17 17:22:13 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:54482]
    2024/06/17 17:22:22 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:50210]
    2024/06/17 17:22:29 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:46044]
    2024/06/17 17:22:41 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:43085]
    2024/06/17 17:22:47 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:40606]
    2024/06/17 17:22:57 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:37749]
    
    2024/06/17 17:25:12 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:57101]
    2024/06/17 17:25:24 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:3258]
    2024/06/17 17:25:38 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:7663]
    2024/06/17 17:25:46 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:11377]
    2024/06/17 17:25:56 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:12172]
    
    
    2024/06/17 17:31:11 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:12566]
    2024/06/17 17:31:22 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:7181]
    2024/06/17 17:31:31 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:1530]
    2024/06/17 17:31:36 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:55700]
    2024/06/17 17:31:44 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:50725]
    2024/06/17 17:31:51 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:42979]
    2024/06/17 17:32:02 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:36753]
    2024/06/17 17:32:16 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:24377]
    2024/06/17 17:32:17 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:30330]
    2024/06/17 17:32:24 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:19330]
    2024/06/17 17:32:32 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:13066]
    2024/06/17 17:32:41 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:9114]
    2024/06/17 17:32:49 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:4523]
    2024/06/17 17:32:58 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:58245]
    2024/06/17 17:33:16 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:3276]
    2024/06/17 17:33:37 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:12056]
    2024/06/17 17:33:59 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:20584]
    2024/06/17 17:34:06 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:18587]
    2024/06/17 17:34:15 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:16103]
    2024/06/17 17:34:25 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:16179]
    2024/06/17 17:34:33 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:10687]
    2024/06/17 17:34:42 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:7411]
    2024/06/17 17:34:50 [I] [proxy.go:199] [d12af7f62628267f] [RDP] get a user connection [87.246.7.222:3361]
    
    
    
    13 条回复    2024-06-22 22:57:16 +08:00
    Yukineko
        1
    Yukineko  
       186 天前
    可以考虑用 fail2ban 拦一下连接
    qingjiang
        2
    qingjiang  
    OP
       186 天前
    @Yukineko 好,我试试
    Edwardlyz
        3
    Edwardlyz  
       186 天前
    考虑一下改成开放 ssh 端口,禁止密码连接,只能私钥连接,shh 到远程后再 ssh 端口转发把 3389 端口转发出来就行;简洁且难度低易上手
    jimmy2010
        4
    jimmy2010  
       186 天前 via Android
    frp 不是可以设置密码么?客户端需要密码才能和服务端建立连接吧?
    yeqizhang
        5
    yeqizhang  
       186 天前 via Android
    我之前是要用的时候再打开穿透远程桌面端口
    yeqizhang
        6
    yeqizhang  
       186 天前 via Android
    @yeqizhang 在云服务器的防火墙页面设置
    idragonet
        7
    idragonet  
       186 天前
    很简单 frp 只绑定 127.0.0.1 ,用 LUCKY 转发外网+设置 IP 白名单。
    Paulownia
        8
    Paulownia  
       186 天前
    我记得 frp 可以实现点对点通信的
    haimianbihdata
        9
    haimianbihdata  
       186 天前 via Android   ❤️ 1
    走 stcp 协议出去
    hanierming
        10
    hanierming  
       185 天前
    访问就访问呗,你设置密码不就好了。
    akin520
        11
    akin520  
       185 天前
    https://github.com/akin520/frps_fw
    新版本的可以试试
    xiaozhang1997
        12
    xiaozhang1997  
       185 天前
    frp 上来之后 fail2ban 应该是拦不住的把 都是本地链接,我自己是强密码或者密钥登的
    qingjiang
        13
    qingjiang  
    OP
       183 天前
    好,大家的建议我都试试
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   4891 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 451ms · UTC 01:17 · PVG 09:17 · LAX 17:17 · JFK 20:17
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.