Ungazi kanjani ukuthi yimiphi imizamo ye-SSH engaphumelelanga eye yaba nayo iseva yethu

Alejandro (a.k.a KZKG^Gaara)

Iminithi ye-1

Kungekudala ngichazile wazi kanjani ukuthi imaphi ama-IP axhunywe yi-SSH, kepha ... kuthiwani uma igama lomsebenzisi noma iphasiwedi bekungalungile futhi bengaxhumi?

Ngamanye amagama, uma kukhona umuntu ozama ukuqagela ukuthi angangena kanjani kukhompyutha noma iseva yethu ngeSSH, sidinga ngempela ukwazi, akunjalo?

Ngokwalokho sizokwenza inqubo efanayo nokuthunyelwe kwangaphambilini, sizohlunga ilog yokufakazela ubuqiniso kepha kulokhu, ngesihlungi esihlukile:

cat /var/log/auth* | grep Failed

Kufanele baqhube umyalo ongenhla njengo izimpande, noma nge sudo ukukwenza ngezimvume zokuphatha.

Ngishiya isithombe-skrini sendlela ebukeka ngayo:

Njengoba ukwazi ukubona, ingikhombisa inyanga, usuku nesikhathi somzamo ngamunye ohlulekile, kanye nomsebenzisi abazame ukungena ngaye kanye ne-IP abazame ukungena kuyo.

Kepha lokhu kungahlelwa ngokwengeziwe, sizokusebenzisa awu ukuthuthukisa umphumela kancane:

cat /var/log/auth* | grep Failed | awk '{print $2 "-" $1 " " $3 "\t USUARIO: " $9 "\t DESDE: " $11}'

Okungenhla kungumugqa OWODWA.

Lapha sibona ukuthi bekuyobukeka kanjani:

Lo mugqa engisanda kukukhombisa wona ukuthi ungawubambi ngekhanda konke, ungakha ifayela le- alias kuye, umphumela uyefana nolayini wokuqala, ukuhleleka okuthe xaxa.

Lokhu ngiyazi ukuthi ababaningi abazokuthola kuwusizo, kepha kulabo bethu abaphatha amaseva ngiyazi ukuthi kuzosikhombisa imininingwane ethokozisayo hehe.

Phendula ngokucaphuna


Shiya umbono wakho

Ikheli lakho le ngeke ishicilelwe. Ezidingekayo ibhalwe nge *

*

*

  1. Ubhekele imininingwane: Miguel Ángel Gatón
  2. Inhloso yedatha: Lawula Ugaxekile, ukuphathwa kwamazwana.
  3. Ukusemthethweni: Imvume yakho
  4. Ukuxhumana kwemininingwane: Imininingwane ngeke idluliselwe kubantu besithathu ngaphandle kwesibopho esisemthethweni.
  5. Isitoreji sedatha: Idatabase ebanjwe yi-Occentus Networks (EU)
  6. Amalungelo: Nganoma yisiphi isikhathi ungakhawulela, uthole futhi ususe imininingwane yakho.

  1.   umagazine kusho
    kwenza iminyaka 12

    Ukusetshenziswa okuhle kakhulu kwamapayipi

    Phendula ngokucaphuna

    Phendula ku-hackloper775
    1.    KZKG ^ Gaara kusho
      kwenza iminyaka 12

      Siyabonga 🙂

      Phendula ku-KZKG ^ Gaara
  2.   I-FIXOCONN kusho
    kwenza iminyaka 12

    Kuhle kakhulu okuthunyelwe okungu-2

    Phendula ku-FIXOCONN
  3.   Mystog @ N kusho
    kwenza iminyaka 12

    Bengihlala ngisebenzisa eyokuqala, ngoba angazi i-awk, kepha kuzofanele ngiyifunde

    ikati / var / log / auth * | grep Yehlulekile

    Lapha lapho ngisebenza khona, e-Faculty of Mathematics-Computation ye-Univ de Oriente eCuba, sinefektri "yabaduni abancane", abahlala beqamba izinto okungafanele futhi kumele ngibe nazo ngamehlo ayisishiyagalombili. Itimu ye-ssh ingenye yazo. Ngibonga ithiphu mfo.

    Phendula ku-Mystog @ N
  4.   Hugo kusho
    kwenza iminyaka 12

    Ukungabaza okukodwa: uma umuntu eneseva ebheke i-inthanethi kepha kuma-iptables umuntu uvula i-ssh port kuphela kumakheli athile we-MAC wangaphakathi (ake sithi yihhovisi), imizamo yokufinyelela evela kuwo wonke amanye amakheli angaphakathi izofinyelela ku-log yokuqinisekisa kanye / noma kwangaphandle? Ngoba nginokungabaza kwami.

    Phendula uHugo
    1.    KZKG ^ Gaara kusho
      kwenza iminyaka 12

      Ku-log okugcinwayo kuphela izicelo ezivunyelwe yi-firewall, kepha ezinqatshiwe noma ezivunyelwe uhlelo olunjalo (ngisho ukungena ngemvume).
      Uma i-firewall ingavumeli ukuthi kudlule izicelo ze-SSH, akukho lutho oluzofinyelela kulogi.

      Lokhu angikakuzami, kepha woza ... ngicabanga ukuthi kumele kube kanjena 😀

      Phendula ku-KZKG ^ Gaara
  5.   I-Bray kusho
    kwenza iminyaka 10

    grep -i yehlulekile /var/log/auth.log | awk '{phrinta $ 2 «-» $ 1 »» $ 3 «\ t USER:» $ 9 «\ t FROM:» $ 11}'
    rgrep -i yehlulekile / var / log / (logrotates amafolda) | awk '{phrinta $ 2 «-» $ 1 »» $ 3 «\ t USER:» $ 9 «\ t FROM:» $ 11}'

    Phendula uBray
    1.    I-Bray kusho
      kwenza iminyaka 10

      ku-centos-redhat… ..nk
      / var / log / ephephile

      Phendula uBray