s
nmap介绍 2009-10-14 11:39:07
http://blog.chinaunix.net/uid-291705-id-2134351.html
安全检查机器192.158.0.253开启的所有端口及服务 / port
[root@v-HYe5zbuhzKV ~]# nmap -PT 192.168.0.253
Linux服务器应注意的安全问题-ssh暴力破解--denyhosts解决
http://blog.csdn.net/qiudakun/article/details/5454277
对获取其中的ip地址和数量:# grep -o '[0-9]/{1,3/}/.[0-9]/{1,3/}/.[0-9]/{1,3/}/.[0-9]/{1,3/}' /var/log/secure | sort | uniq -c 怎么样防,如果要一条一条将这些IP阻止显然治标不治本,还好有DenyHosts软件来代替我们手搞定他。 DenyHosts是Python语言写的一个程序,它会分析sshd的日志文件,当发现重复的攻击时就会记录IP到/etc/hosts.deny文件,从而达到自动屏IP的功能。
公布一批最近企图ssh爆破我的服务器的ip-疑似肉鸡
http://blog.csdn.net/embbnux/article/details/41120323
最近发现自己的ssh一直有一些人企图使用ssh暴力破解的方式进行密码破解.就查看了一下,真是网络安全太可怕了. 大家自己的服务器密码还是要设置好,管好,做好最基本的安全措施,不然最后只能沦为肉鸡. ssh登陆日志可以在/var/log下看到,ubuntu的话为auth.log,centos为secure文件 查看那些企图暴力破解的密码的机器的ip
[root@v-HYe5zbuhzKV ~]# cat /var/log/secure|awk '/Failed/{print $(NF-3)}'|sort|uniq -c|awk '{print $2"="$1;}' > /usr/local/nginx/html/secure.html
cat /var/log/secure|awk '/Failed/{print $(NF-3)}'|sort|uniq -c|awk '{print $2"="$1;}'
103.41.124.100=900
103.41.124.102=621
103.41.124.103=618
103.41.124.104=45
103.41.124.111=678
103.41.124.112=705
103.41.124.113=324
103.41.124.12=476
103.41.124.13=171
103.41.124.14=1332
103.41.124.17=289
103.41.124.18=369
103.41.124.19=969
103.41.124.20=544
103.41.124.21=996
103.41.124.22=282
103.41.124.24=708
103.41.124.25=657
103.41.124.26=1029
103.41.124.27=363
103.41.124.28=1005
103.41.124.29=1533
103.41.124.30=52
103.41.124.31=687
103.41.124.32=579
103.41.124.33=636
103.41.124.34=678
103.41.124.35=330
103.41.124.36=1026
103.41.124.37=1053
103.41.124.38=615
103.41.124.39=333
103.41.124.40=1222
103.41.124.41=675
103.41.124.43=594
103.41.124.44=1377
103.41.124.45=585
103.41.124.46=249
103.41.124.47=987
103.41.124.48=152
103.41.124.49=1527
103.41.124.50=306
103.41.124.52=1290
103.41.124.54=327
103.41.124.56=600
103.41.124.58=648
103.41.124.59=936
103.41.124.61=714
103.41.124.62=1602
103.41.124.63=595
103.41.124.64=542
103.41.124.65=390
103.41.124.66=345
106.39.222.39=1078
107.160.22.122=17
111.203.22.57=3
111.203.22.73=264
111.74.238.8=2
113.195.145.70=645
113.195.145.79=4020
114.199.121.53=1
114.255.149.210=20
115.231.222.171=119
115.231.222.42=135
115.238.245.222=6
115.238.55.163=827
115.239.228.5=73
115.239.248.205=580
115.239.248.237=370
117.21.191.202=39
117.27.137.107=406
117.79.156.130=15
121.18.10.195=115
122.10.228.192=1446
122.225.103.125=134
122.225.103.73=358
122.225.38.23=55
123.57.134.96=2
123.57.16.135=224
124.156.65.215=1
125.7.10.201=15
137.118.101.159=1
149.129.11.56=1
149.129.128.65=1
149.129.18.234=1
149.129.24.80=1
177.220.129.122=1
180.222.190.48=20
182.100.67.102=336
182.100.67.113=6615
182.100.67.114=363
182.100.67.115=1474
182.100.67.116=12
195.154.167.194=32
200.114.113.122=1
202.101.233.106=224
202.102.135.12=9
202.134.154.141=1
202.85.211.206=754
203.153.30.171=1
210.112.121.241=1062
211.25.3.218=1
213.118.33.20=1
216.150.47.129=1
216.96.84.29=1
218.2.0.120=125
218.2.0.121=163
218.2.0.123=365
218.2.0.128=384
218.2.0.135=381
218.2.0.137=103
218.203.32.171=2
218.203.54.156=40
218.207.20.83=30
218.30.24.156=12
218.60.136.222=79
218.64.17.234=357
218.65.30.107=1017
218.65.30.73=6
218.94.133.185=36
221.226.106.188=144
221.229.160.237=203
221.6.233.62=915
222.161.4.147=23
222.186.15.239=1
222.186.30.165=4784
222.186.31.93=9
222.186.42.206=75
222.186.57.165=92
222.186.58.181=20
222.186.59.100=9
24.168.206.41=1
27.254.44.116=69
41.203.214.92=1
54.93.46.228=128
58.218.204.172=446
58.218.213.238=394
58.59.113.250=2212
59.46.79.86=259
60.173.10.132=815
60.173.12.106=814
60.173.12.98=831
60.173.14.24=827
60.173.26.165=834
60.173.26.173=867
60.173.26.187=756
60.173.26.188=800
60.173.26.206=1023
60.173.9.11=829
60.173.9.184=833
60.173.9.247=13380 安徽省铜陵市 电信
60.210.102.18=224
60.210.102.38=224
60.28.24.238=754
60.55.40.64=378
61.128.110.40=754
61.143.236.193=93
61.147.103.115=924
61.147.103.152=880
61.147.107.109=292
61.147.121.130=33
61.147.80.6=30
61.160.213.165=21
61.160.23.219=15
61.174.48.29=1478
61.174.49.105=3201
61.174.50.149=225
61.174.51.200=9
61.200.23.200=75
61.206.41.210=2
61.237.145.80=12
62.150.107.226=1
62.210.125.142=44
62.210.247.137=2
62.210.88.26=83
64.34.39.111=2
69.50.206.239=3099
72.37.135.56=1
75.86.136.163=1
76.14.116.90=1
76.14.141.24=1
82.98.168.5=47
87.117.185.80=12
91.197.131.15=1
94.136.45.192=69
94.81.232.180=31
am_limits(sshd:session): unknown limit item 'noproc'
http://www.zhanghaijun.com/post/882/
今天查看/var/log/secure日志文件,发现里面出现大量的错误,如下:
[root@localhost log]# cat /var/log/secure|more
Mar 16 00:00:01 localhost crond[11717]: pam_limits(crond:session): unknown limit item 'noproc'
Mar 16 00:00:01 localhost crond[11718]: pam_limits(crond:session): unknown limit item 'noproc'
Mar 16 00:00:01 localhost crond[11717]: pam_limits(crond:session): unknown limit item 'noproc'
Mar 16 00:00:01 localhost crond[11718]: pam_limits(crond:session): unknown limit item 'noproc'
Mar 16 00:01:01 localhost crond[11739]: pam_limits(crond:session): unknown limit item 'noproc'
Mar 16 00:01:01 localhost crond[11738]: pam_limits(crond:session): unknown limit item 'noproc'
Mar 16 00:01:01 localhost crond[11739]: pam_limits(crond:session): unknown limit item 'noproc'
Mar 16 00:01:01 localhost crond[11738]: pam_limits(crond:session): unknown limit item 'noproc'
Mar 16 00:02:01 localhost crond[11786]: pam_limits(crond:session): unknown limit item 'noproc'
Mar 16 00:02:01 localhost crond[11786]: pam_limits(crond:session): unknown limit item 'noproc'
Mar 16 00:03:01 localhost crond[11808]: pam_limits(crond:session): unknown limit item 'noproc'
Mar 16 00:03:01 localhost crond[11808]: pam_limits(crond:session): unknown limit item 'noproc'
Mar 16 00:04:01 localhost crond[11833]: pam_limits(crond:session): unknown limit item 'noproc'
几乎每分钟都有一到两个,看错误信息应该和limits.conf有关,执行 ulimit -n 看一下当前系统设置的是什么数值。
[root@localhost log]# ulimit -n
65535
打开/etc/security/limits.conf配置文件发现问题
http://dl2.iteye.com/upload/attachment/0105/8887/df698832-94d7-329d-be22-4b81e184effc.jpg
接下来我们看看配置文件中注释是怎么写的,底部画红线的部分
http://dl2.iteye.com/upload/attachment/0105/8889/5a5a4002-fc5c-3f30-811a-16d21e397b45.jpg
* soft noproc 65535
* hard noproc 65535
应该改为
* soft nproc 65535
* hard nproc 65535
才对,至此该错误解决。有碰到和我一样错误的朋友不妨看一下limits.conf文件是否也是这样写的。
linux /etc/hosts.allow和/etc/hosts.deny的配置方法
http://zhidao.baidu.com/question/542303865.html?loc_ans=1369965133
比如ftp 只允许192.168.24. 这个网段的人使用。记住,都是先允许,后拒绝的。也就是先检验是否被允许,然后才检验是否被拒绝。
hosts.allow里面这样写。vsftpd: 192.168.24.*
hosts.deny里面这样写。vsftpd: ALL
end
相关推荐
// expected port pin of the microcontroller. // char M500PcdReset(void); // _____________________________________________________________________________ // // FUNCTION: M500PcdConfig // IN: - // OUT...
#$(eval $(call nf_add,IPT_CORE,CONFIG_NETFILTER_XT_TARGET_LOG, $(P_XT)nf_log_common)) #$(eval $(call nf_add,IPT_CORE,CONFIG_NETFILTER_XT_TARGET_LOG, $(P_V4)nf_log_ipv4)) $(eval $(call nf_add,IPT_...
CCNP_Security_Secure_642-637_Official_Cert_Guide
xferlog_file=/var/log/vsftpd.log xferlog_std_format=YES chroot_local_user=YES guest_enable=YES guest_username=virtual user_config_dir=/etc/vsftpd_user_conf pam_service_name=vsftpd.vu local_enable=YES ...
Part 4 Oracle Database Security _______________________ 311 Part 5 Oracle Database Performance Tuning _____________ 340 Part 6 Oracle Automatic Storage Management (ASM) ______ 396 Part 7 Oracle Real ...
6. **策略文件**:在`jre/lib/security/java.security`文件中,定义了安全策略,它指定了哪些权限会被授予,以及在哪些情况下会被授予。 7. **权限和访问控制**:`java.security.Permission`和`java.security....
C#中的System.Net.Security命名空间提供了相关支持,而C/C++则可能需要使用OpenSSL库。 7. **日志记录**:为了审计和故障排查,FTP服务器需要记录活动,包括登录尝试、文件操作等。这可以通过标准的日志框架如log4...
在这个例子中,证书文件位于`/home/zouxi/project/FNG_A151_251/zproject/FNG_A151_251/overlay_files/device/mediatek/common/security/esky6580_we_l/releasekey.x509.pem`。 - **`releasekey.pk8`**:这是私钥...
今天网站在打开时发现提示 501 Method Not Implemented to /index.html not supported.了,我用的是apache环境了...loadmodule security_module modules/mod_security2.so loadmodule unique_id_module modules/mod_un
xferlog_file=/var/log/vsftpd.log xferlog_std_format=YES chroot_local_user=YES guest_enable=YES guest_username=virtual user_config_dir=/etc/vsftpd_user_conf pam_service_name=vsftpd.vu local_enable=YES ...
___ ___ __ __ / | __ ______/ (_) /_____/ / / /| |/ / / / __ / / __/ __ / / ___ / /_/ / /_/ / / /_/ /_/ / /_/ |_\__,_/\__,_/_/\__/\__,_/ 最佳实践审核配置主意此审核配置的想法是提供一个基本配置,该配置...
### Spring Security 多页面登录配置教程 #### 一、引言 在开发Web应用程序时,安全性和用户体验同样重要。Spring Security作为一个强大的框架,为开发者提供了丰富的功能来保护Web应用的安全。其中,支持多页面...
xferlog_file=/var/log/vsftpd.log xferlog_std_format=YES chroot_local_user=YES guest_enable=YES guest_username=vsftpd user_config_dir=/etc/vsftpd_user_conf pam_service_name=vsftpd.vu local_enable=YES ...
HPE_Security_Fortify_SCA_and_Apps_19.10_Windows下载地址,仅供学习参考使用
burpa:打p自动机 Burp Suite自动化工具 要求 Burp Suite专业版 松弛客户端 用法 $ python burpa.py -h ################################################### ... / /_/ / /_/ / / / /_/ / /_/ /
安装包的名称是IA300_Security_Client,这个ia300客户端安全组件主要提供用户登录时的密码安全服务
xferlog_file=/var/log/vsftpd.log xferlog_std_format=YES chroot_local_user=YES guest_enable=YES guest_username=vsftpd user_config_dir=/etc/vsftpd_user_conf pam_service_name=vsftpd.vu local_...
海康威视作为全球领先的安防监控设备制造商,其在数字化监控领域不断推陈出新,提供了先进的WEB3.0控件开发包,旨在帮助开发者构建更高效、更稳定的网络视频监控系统。... H.265,全称为High Efficiency Video Coding...
class="org.acegisecurity.ui.cas.CasProcessingFilter"> ref="authenticationManager" /> value="/login.do?login_error=1" /> <property name="defaultTargetUrl" value="/main.do" /> ...
flutter_secure_storage Flutter插件可将数据存储在安全存储中: 用于iOS AES加密用于Android。 AES密钥使用RSA加密,并且RSA密钥存储在用于Linux。 注意KeyStore是在Android 4.3(API级别18)中引入的。 该插件不...