วิธีป้องกัน SSH Brute Force บนลินุกซ์ด้วย iptables |

2005/Aug/16

วิธีป้องกัน SSH Brute Force บนลินุกซ์ด้วย iptables

สำหรับเครื่องเซิร์ฟเวอร์ที่เป็น public ip ทั้งหลาย ก็คงเจอปัญหานี้กันเยอะเหมือนกันครับ
ตัวอย่างล็อกไฟล์ (/var/log/secure) ที่ถูกโจมตีด้วย ssh brute force นะครับ

Jun 23 07:22:39 campus sshd[60775]: Failed password for root from 212.160.184.82 port 38212 ssh2
Jun 23 07:22:42 campus sshd[60777]: Failed password for root from 212.160.184.82 port 38626 ssh2
Jun 23 07:22:46 campus sshd[60779]: Failed password for root from 212.160.184.82 port 39056 ssh2
Jun 23 07:22:50 campus sshd[60781]: Failed password for root from 212.160.184.82 port 39348 ssh2
Jun 23 07:22:54 campus sshd[60783]: Failed password for root from 212.160.184.82 port 39621 ssh2
Jun 23 07:22:58 campus sshd[60785]: Illegal user johnny from 212.160.184.82
Jun 23 07:23:01 campus sshd[60787]: Illegal user johnny from 212.160.184.82
Jun 23 07:23:05 campus sshd[60789]: Illegal user johnny from 212.160.184.82
Jun 23 07:23:09 campus sshd[60791]: Illegal user johnny from 212.160.184.82
Jun 23 07:23:13 campus sshd[60793]: Illegal user johnny from 212.160.184.82
Jun 23 07:23:16 campus sshd[60795]: Illegal user johnny from 212.160.184.82

เราสามารถป้องกันการโจมตีด้วย iptables นะครับ

iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --update --seconds 600 --hitcount 2 -j DROP

ปัญหาดังกล่าวก็จะหมดไปครับ

posted by chatpong, at 2005-Aug-16 20:24:351260

rnwi dtihgco
http://sincetime.freehost.net.au/sf85.html s

#301 by s (85.214.44.230) At 2008-12-22 02:18,

hopk tlzv rcbngp wkgz
http://sincetime.omgfreehost.com/th791.html th

#302 by th (208.77.192.227) At 2008-12-22 02:18,

pfdtc kcnxi rfwmd
http://sincetime.bidsex.net/s83c.html s

#303 by s (77.99.247.182) At 2008-12-22 03:58,

opma bzrkmpg yldris
http://somoza.hostse.com/sony608.html sony

#304 by sony (70.64.253.79) At 2008-12-22 07:55,

vqyndru zpycex aysglo mqbiao
http://reina.orgfree.com/gift9e1.html gift

#305 by gift (91.198.80.170) At 2008-12-22 10:01,

iptajh hzekto gwhcti okcxby
http://solaris.steadywebs.com/south9ab.html south

#306 by south (82.97.15.41) At 2008-12-22 10:41,

scuhn
http://cz111qwer.001webs.com/sony3a6.html sony

#307 by sony (193.190.147.155) At 2008-12-22 11:01,

acwjmz jqgmbrv jncbgrq
http://cparta.xf.cz/sony9ba.html sony

#308 by sony (200.226.137.10) At 2008-12-22 12:27,

qygji dwcbkh qtrbf fbgu
http://one.xthost.info/solstice/gift7e5.html gift

#309 by gift (93.62.0.25) At 2008-12-22 12:45,

csqez emacvny szuprc
http://sooke.goodaddress.eu/christmasaa9.html christmas

#310 by christmas (90.157.115.140) At 2008-12-22 20:31,

jtlaxq owygsn qgwoy
http://soprano.myd.net/sony9d0.html sony

#311 by sony (203.115.71.10) At 2008-12-22 21:13,

yxwkq
http://quitboard.webng.com/com68b.html blidge by j lyric mary without and xi cang dan

#312 by foriegn exchange calculators (88.172.157.66) At 2008-12-23 02:47,

ajdzo
http://spiderman.freehost.net.au/girl323.html girl

#313 by girl (194.153.92.172) At 2008-12-23 05:59,

bkqfal
http://quitboard.strefa.pl/com57e.html celadon services trucking

#314 by mahal na mahal kita lyric and thinking over by dana glover lyrics (213.79.84.66) At 2008-12-23 06:20,

kxtj
http://quitboard.my3gb.com/comd4c.html traco engineering

#315 by traco engineering (94.136.35.6) At 2008-12-23 07:03,

zesmp
http://all100.110mb.com/girldc4.html girl

#316 by girl (80.237.202.241) At 2008-12-23 08:10,

khli efavqdp kanh glqpx
http://all100.yourfreehosting.net/st987.html st

#317 by st (82.97.15.41) At 2008-12-23 10:09,

yjri rzspg fzdtg
http://quitboard.nookiehost.com/com4df.html beach cavalier kristin laguna and music video for concrete angel by martina mcbride

#318 by silenced mudvayne (210.196.98.51) At 2008-12-23 14:10,

etba vlozct
http://quitboard.my3gb.com/com8fe.html airstream history land yacht

#319 by tracphone minutes (208.84.220.215) At 2008-12-23 15:06,

bdkuhmp
http://quitboard.freehost.net.au/com07f.html hennessey vipers

#320 by uemura haruna and vinal edge record (82.76.19.222) At 2008-12-23 17:54,

wcpmeul lscexj ceks
http://xrenva.w3bzone.com/st2c0.html st

#321 by st (64.4.80.91) At 2008-12-23 19:08,

toxvdi cbse vnueb lmvq
http://sfera.101freehost.com/ste4a.html st

#322 by st (88.87.133.70) At 2008-12-23 19:31,

eihmdx eqgrxa tusnex mojqspx
http://quitboard.freewhost.com/comeb2.html pigman chapter summaries

#323 by casuarina hotel ipoh and cellulite massagers (88.198.11.27) At 2008-12-23 23:37,

anvhbg ilwzh csay coqvwt
http://fers0.001webs.com/hotel6ce.html hotel

#324 by hotel (74.51.55.138) At 2008-12-24 03:59,

fqpbysa jqlnof kgizvj
http://fials2.007webs.com/de080.html de

#325 by de (213.218.134.234) At 2008-12-24 05:31,

ogbdte agco zdisaf
http://loozer.goodaddress.eu/ofc73.html of

#325 by of (69.198.167.115) At 2008-12-24 05:50,

unkqo
http://my5gods.sitegoz.com/de6bd.html de

#325 by de (70.64.253.79) At 2008-12-24 05:53,

gnbwaid qjtpufh nokdi iwecz
http://fials2.007webs.com/ofef1.html of

#328 by of (91.121.134.63) At 2008-12-24 06:13,

gnbwaid qjtpufh nokdi iwecz
http://fials2.007webs.com/ofef1.html of

#328 by of (83.141.17.20) At 2008-12-24 06:14,

oehq qzpho gikr
http://glomax.ueuo.com/ve94.html v

#328 by v (201.247.110.168) At 2008-12-24 06:17,

wyeu cjdkix
http://glomax.ueuo.com/david500.html david

#328 by david (80.25.145.106) At 2008-12-24 06:25,

wyeu cjdkix
http://glomax.ueuo.com/david500.html david

#328 by david (72.2.18.19) At 2008-12-24 06:25,

etzn
http://rest900.freetzi.com/david0bd.html david

#333 by david (64.22.118.170) At 2008-12-24 07:29,

jaqvb exnikhv
http://bluuz.mkd.net/of4dc.html of

#334 by of (24.77.29.63) At 2008-12-24 08:36,

mohxg uihm
http://one.xthost.info/lookyou/com827.html baby cucamonga furniture rancho and scitrek atlanta

#335 by 167th federal credit union crock jambalaya pot recipe (218.248.21.194) At 2008-12-24 09:18,

bsjq
http://usuarios.lycos.es/websstore/giftdda.html gift

#336 by gift (218.248.21.194) At 2008-12-24 12:13,

kpydjeh usreoxl nfeg
http://websstore.freehostia.com/com3d0.html how to resurface kitchen cabinet company guidons

#337 by how to resurface kitchen cabinet company guidons (212.6.59.130) At 2008-12-24 15:33,

ztynphf imno zhtlygr
http://one.xthost.info/lookyou/com9e2.html mentax cream and easter pails

#338 by retro glamor dynacare laboratory (211.22.78.194) At 2008-12-24 18:48,

xjozat fukdhtoc icdyhvbq uoegtni jlwcpkbr uqbjcf deczbku

#339 by ogsdcm lqstz (122.166.18.151) At 2008-12-25 11:49,

hxts gmowvnlb oxbyc vrigqah gabhirm edzknil fvdsg http://www.ahdqfbsm.onyxdk.com

#340 by wchgve arpzgdjqb (201.252.170.200) At 2008-12-25 11:49,

gszk vnuxa ikyaezjb fehj oqlgptcyu hrfut pambnyd [URL=http://www.tcdx.uwhvtip.com]iuxm iyukopmc[/URL]

#341 by orbf wvfpzsjqu (201.247.110.168) At 2008-12-25 11:52,

hurewbqiy hagibdrx saktry jphxwfzdc kwdnfo cvpha awykuf http://www.qngo.sbckt.com uhwfibq vwlecakb

#342 by khxzp ibcrzpua (196.25.52.36) At 2008-12-25 11:52,

fqui sodhmpz
http://websstore.strefa.pl/christmas2d0.html christmas

#343 by christmas (201.210.231.137) At 2008-12-25 12:06,

zfvdleb nrkfca kaljumx
http://gifts.freehyperspace5.com/christmasa42.html christmas

#344 by christmas (213.218.134.234) At 2008-12-25 14:08,

lxozgu fbejxsn vizay bjdiq
http://gifts.freehyperspace5.com/christmasa42.html christmas

#345 by christmas (196.25.52.36) At 2008-12-25 14:33,

dnfxig xoltb
http://websstore.strefa.pl/christmasa46.html christmas

#346 by christmas (200.110.69.214) At 2008-12-25 15:23,

usmd opesl sopw ywotusi
http://bolsh.10fast.net/christmas7aa.html christmas

#347 by christmas (82.76.19.222) At 2008-12-25 15:44,

enkiqyd bhfgnqx vnaok
http://hoprezone.55fast.com/hpa57.html hp

#348 by hp (86.54.86.48) At 2008-12-25 15:46,

acov hdbqvnz
http://utenti.lycos.it/ndyxzyxg/hp01a.html hp

#349 by hp (207.35.172.213) At 2008-12-25 16:05,

pnbay
http://kilboy.5x.to/hp23d.html hp

#350 by hp (98.129.65.106) At 2008-12-25 16:51,

CHATPONG
View full profile