我的root密码很简单, 机子几乎整天连在网上,请问容易被入侵吗?谢谢

danielliu · 发表于 2010-7-21 19:37:12

家的电脑基本上是365X24上网（adsl动态IP），root的passwd15位以上，开了ssh

我每天都能看到很多通过ssh连接我的电脑的。

可以看到频率还是相当高的。以下是6月份的记录：从以下记录可以看出有很多无聊的人天天在网上进行端口扫描，只要发现在开改的ssh端口，就用字典攻击。我没有改ssh的default端口22，(以前改成2222后就少了很多，后来还是改回22了)

Jun  4 07:28:01 T41 sshd[20361]: Invalid user globus from 61.132.145.247
Jun  4 07:28:02 T41 sshd[20363]: Invalid user condor from 61.132.145.247
Jun  4 07:28:02 T41 sshd[20365]: Invalid user tomcat from 61.132.145.247
Jun  4 07:28:03 T41 sshd[20367]: Invalid user global from 61.132.145.247
Jun  4 07:30:14 T41 sshd[20406]: Invalid user globus from 61.132.145.247
Jun  4 07:30:15 T41 sshd[20408]: Invalid user condor from 61.132.145.247
Jun  4 07:30:16 T41 sshd[20410]: Invalid user marine from 61.132.145.247
Jun  4 07:30:16 T41 sshd[20412]: Invalid user tomcat from 61.132.145.247
Jun  5 00:24:36 T41 sshd[32041]: Invalid user admin from 222.127.26.187
Jun  5 00:24:49 T41 sshd[32047]: Invalid user stud from 222.127.26.187
Jun  5 00:24:57 T41 sshd[32050]: Invalid user trash from 222.127.26.187
Jun  5 04:24:47 T41 sshd[11812]: Invalid user admin from 123.15.41.98
Jun  5 04:24:48 T41 sshd[11814]: Invalid user test from 123.15.41.98
Jun  5 23:05:32 T41 sshd[6692]: Invalid user admin from 222.247.48.187
Jun  5 23:05:34 T41 sshd[6694]: Invalid user test from 222.247.48.187
Jun  5 23:05:36 T41 sshd[6696]: Invalid user guest from 222.247.48.187
Jun  6 04:41:47 T41 sshd[13597]: Invalid user postgres from 121.14.118.4
Jun  6 04:41:49 T41 sshd[13599]: Invalid user postgres from 121.14.118.4
Jun  6 04:41:51 T41 sshd[13601]: Invalid user postgres from 121.14.118.4
Jun  6 04:41:53 T41 sshd[13603]: Invalid user postgres from 121.14.118.4
Jun  6 07:33:10 T41 sshd[14245]: Invalid user juliana from 123.124.158.77
Jun  6 07:33:11 T41 sshd[14247]: Invalid user asterisk from 123.124.158.77
Jun  6 07:33:11 T41 sshd[14249]: Invalid user desarrollo from 123.124.158.77
Jun  6 07:33:12 T41 sshd[14251]: Invalid user debian from 123.124.158.77
Jun  6 10:33:52 T41 sshd[16470]: Invalid user oracle from 58.215.65.2
Jun  6 20:22:43 T41 sshd[19369]: Invalid user fluffy from 216.66.73.161
Jun  6 20:22:47 T41 sshd[19371]: Invalid user admin from 216.66.73.161
Jun  6 20:22:50 T41 sshd[19397]: Invalid user test from 216.66.73.161
Jun  7 00:30:21 T41 sshd[19641]: Invalid user admin from 119.188.7.151
Jun  7 00:30:22 T41 sshd[19645]: Invalid user stud from 119.188.7.151
Jun  7 00:30:23 T41 sshd[19647]: Invalid user trash from 119.188.7.151
Jun  8 08:50:27 T41 sshd[5045]: Invalid user admin from 60.18.158.138
Jun  8 08:50:27 T41 sshd[5047]: Invalid user test from 60.18.158.138
Jun  8 08:50:28 T41 sshd[5049]: Invalid user guest from 60.18.158.138
Jun  8 17:16:30 T41 sshd[6928]: Invalid user delta from 219.149.43.254
Jun  8 17:16:31 T41 sshd[6930]: Invalid user admin from 219.149.43.254
Jun  8 17:16:32 T41 sshd[6932]: Invalid user test from 219.149.43.254
Jun  9 15:54:13 T41 sshd[11400]: Invalid user fax from 219.143.116.159
Jun  9 15:54:13 T41 sshd[11402]: Invalid user uploader from 219.143.116.159
Jun  9 15:54:14 T41 sshd[11404]: Invalid user upload from 219.143.116.159
Jun  9 15:54:15 T41 sshd[11406]: Invalid user uploader from 219.143.116.159
Jun  9 20:33:41 T41 sshd[13764]: Invalid user admin from 219.141.223.53
Jun  9 20:33:42 T41 sshd[13766]: Invalid user administrator from 219.141.223.53
Jun  9 20:33:43 T41 sshd[13768]: Invalid user oracle from 219.141.223.53
Jun  9 22:35:01 T41 sshd[25183]: Invalid user a from 211.254.130.116
Jun  9 22:35:02 T41 sshd[25185]: Invalid user a from 211.254.130.116
Jun  9 22:35:03 T41 sshd[25187]: Invalid user aa from 211.254.130.116
Jun  9 22:35:04 T41 sshd[25189]: Invalid user aaa from 211.254.130.116
Jun 10 22:50:32 T41 sshd[14797]: Invalid user admin from 221.130.159.182
Jun 10 22:50:34 T41 sshd[14799]: Invalid user cindy from 221.130.159.182
Jun 10 22:50:35 T41 sshd[14801]: Invalid user anna from 221.130.159.182
Jun 10 22:50:37 T41 sshd[14803]: Invalid user image from 221.130.159.182
Jun 11 12:40:28 T41 sshd[29912]: Invalid user staff from 89.211.52.75
Jun 11 12:40:37 T41 sshd[29914]: Invalid user sales from 89.211.52.75
Jun 11 12:40:41 T41 sshd[29916]: Invalid user recruit from 89.211.52.75
Jun 11 12:40:45 T41 sshd[29918]: Invalid user alias from 89.211.52.75
Jun 12 04:27:31 T41 sshd[18643]: Invalid user junoir from 115.145.137.136
Jun 12 04:27:32 T41 sshd[18645]: Invalid user senior from 115.145.137.136
Jun 12 04:27:33 T41 sshd[18647]: Invalid user jboss from 115.145.137.136
Jun 12 04:27:33 T41 sshd[18649]: Invalid user walter from 115.145.137.136
Jun 12 10:43:53 T41 sshd[20097]: Invalid user test from 66.235.214.154
Jun 12 12:15:28 T41 sshd[20687]: Invalid user staff from 119.188.7.177
Jun 12 12:15:28 T41 sshd[20689]: Invalid user sales from 119.188.7.177
Jun 12 12:15:34 T41 sshd[20691]: Invalid user recruit from 119.188.7.177
Jun 12 12:15:40 T41 sshd[20693]: Invalid user alias from 119.188.7.177
Jun 13 00:28:35 T41 sshd[23757]: Invalid user test from 222.200.160.39
Jun 13 00:28:36 T41 sshd[23759]: Invalid user serv from 222.200.160.39
Jun 13 07:03:56 T41 sshd[25526]: Invalid user a from 59.108.76.180
Jun 13 07:03:57 T41 sshd[25528]: Invalid user b from 59.108.76.180
Jun 13 07:03:57 T41 sshd[25530]: Invalid user c from 59.108.76.180
Jun 14 19:06:42 T41 sshd[2669]: Invalid user simoni from 74.205.241.29
Jun 14 19:06:46 T41 sshd[2797]: Invalid user dilli from 74.205.241.29
Jun 15 09:57:07 T41 sshd[6528]: Invalid user test from 202.22.251.75
Jun 15 09:57:09 T41 sshd[6530]: Invalid user test1 from 202.22.251.75
Jun 15 09:57:12 T41 sshd[6532]: Invalid user test2 from 202.22.251.75
Jun 15 09:57:15 T41 sshd[6534]: Invalid user test3 from 202.22.251.75
Jun 16 00:09:45 T41 sshd[27620]: Invalid user goto from 111.177.111.82
Jun 16 00:09:47 T41 sshd[27622]: Invalid user hiroyuki from 111.177.111.82
Jun 16 00:25:02 T41 sshd[28063]: Invalid user a from 222.191.249.134
Jun 16 00:25:03 T41 sshd[28065]: Invalid user a from 222.191.249.134
Jun 16 00:25:05 T41 sshd[28067]: Invalid user aa from 222.191.249.134
Jun 16 00:25:06 T41 sshd[28069]: Invalid user aaa from 222.191.249.134
Jun 16 13:55:19 T41 sshd[10547]: Invalid user user3 from 219.159.77.90
Jun 16 14:18:56 T41 sshd[10627]: Invalid user alexandra from 78.131.140.5
Jun 16 14:19:01 T41 sshd[10629]: Invalid user alexandra from 78.131.140.5
Jun 16 14:19:05 T41 sshd[10631]: Invalid user alexandra from 78.131.140.5
Jun 16 14:19:15 T41 sshd[10633]: Invalid user alexandra from 78.131.140.5
Jun 17 01:34:50 T41 sshd[9164]: Invalid user a from 76.164.36.34
Jun 17 01:34:54 T41 sshd[9166]: Invalid user b from 76.164.36.34
Jun 17 01:34:57 T41 sshd[9168]: Invalid user c from 76.164.36.34
Jun 17 05:56:28 T41 sshd[12391]: Invalid user fluffy from 190.54.18.196
Jun 17 05:56:32 T41 sshd[12393]: Invalid user admin from 190.54.18.196
Jun 17 05:56:39 T41 sshd[12395]: Invalid user test from 190.54.18.196
Jun 19 10:40:22 T41 sshd[14711]: Invalid user shit from 125.77.107.212
Jun 20 07:38:39 T41 sshd[18442]: Invalid user user from 61.136.60.33
Jun 20 07:38:39 T41 sshd[18444]: Invalid user admin from 61.136.60.33
Jun 21 17:01:30 T41 sshd[7320]: Invalid user shit from 125.77.107.212
Jun 23 06:41:38 T41 sshd[9354]: Invalid user nagios from 220.73.161.189
Jun 24 14:44:53 T41 sshd[14187]: Invalid user jhlee from 58.180.17.51
Jun 24 14:44:55 T41 sshd[14189]: Invalid user jhlee from 58.180.17.51
Jun 24 14:44:56 T41 sshd[14191]: Invalid user jhlee from 58.180.17.51
Jun 24 14:45:02 T41 sshd[14193]: Invalid user jhlee from 58.180.17.51
Jun 25 01:00:41 T41 sshd[17021]: Invalid user sato from 118.145.4.123
Jun 25 01:00:42 T41 sshd[17023]: Invalid user suzuki from 118.145.4.123
Jun 25 08:00:07 T41 sshd[19434]: Invalid user qatester from 218.94.78.181
Jun 25 08:00:08 T41 sshd[19436]: Invalid user developer from 218.94.78.181
Jun 25 08:00:08 T41 sshd[19438]: Invalid user java from 218.94.78.181
Jun 25 08:00:09 T41 sshd[19440]: Invalid user aspnet from 218.94.78.181
Jun 25 08:02:16 T41 sshd[19442]: Invalid user feedback from 218.94.78.181
Jun 25 08:02:17 T41 sshd[19444]: Invalid user bva from 218.94.78.181
Jun 25 08:02:18 T41 sshd[19446]: Invalid user claro from 218.94.78.181
Jun 25 08:02:18 T41 sshd[19448]: Invalid user vpn from 218.94.78.181
Jun 25 08:05:46 T41 sshd[19464]: Invalid user log from 218.94.78.181
Jun 25 08:05:46 T41 sshd[19466]: Invalid user qmailq from 218.94.78.181
Jun 25 08:07:55 T41 sshd[19468]: Invalid user user from 218.94.78.181
Jun 25 08:07:56 T41 sshd[19470]: Invalid user student from 218.94.78.181
Jun 25 08:07:57 T41 sshd[19472]: Invalid user mailer from 218.94.78.181
Jun 25 08:07:57 T41 sshd[19474]: Invalid user office from 218.94.78.181
Jun 25 08:11:32 T41 sshd[19522]: Invalid user remote from 218.94.78.181
Jun 25 08:11:32 T41 sshd[19524]: Invalid user bmw from 218.94.78.181
Jun 25 08:11:33 T41 sshd[19526]: Invalid user named from 218.94.78.181
Jun 25 08:11:34 T41 sshd[19528]: Invalid user pgsql from 218.94.78.181
Jun 25 23:21:06 T41 sshd[31541]: Invalid user raimundo from 200.23.209.216
Jun 25 23:21:13 T41 sshd[31543]: Invalid user joan from 200.23.209.216
Jun 25 23:21:22 T41 sshd[31545]: Invalid user download from 200.23.209.216
Jun 25 23:21:29 T41 sshd[31547]: Invalid user test from 200.23.209.216
Jun 26 19:39:50 T41 sshd[21201]: Invalid user admin from 219.153.49.153
Jun 27 02:26:19 T41 sshd[7281]: Invalid user a from 222.168.44.110
Jun 27 02:26:21 T41 sshd[7283]: Invalid user a from 222.168.44.110
Jun 27 02:26:24 T41 sshd[7285]: Invalid user aa from 222.168.44.110
Jun 27 02:26:26 T41 sshd[7287]: Invalid user aaa from 222.168.44.110
Jun 27 04:42:03 T41 sshd[7841]: Invalid user nagios from 85.17.199.99
Jun 27 04:42:07 T41 sshd[7843]: Invalid user shoutcast from 85.17.199.99
Jun 27 04:42:11 T41 sshd[7845]: Invalid user test from 85.17.199.99
Jun 28 01:53:25 T41 sshd[7646]: Invalid user shm from 180.68.206.31
Jun 28 01:53:28 T41 sshd[7648]: Invalid user cest from 180.68.206.31
Jun 29 06:57:04 T41 sshd[10862]: Invalid user test from 202.109.12.231
Jun 29 06:57:05 T41 sshd[10864]: Invalid user test1 from 202.109.12.231
Jun 29 06:57:06 T41 sshd[10868]: Invalid user oracle from 202.109.12.231
Jun 30 14:05:33 T41 sshd[28881]: Invalid user staff from 212.47.10.59
Jun 30 14:05:37 T41 sshd[28883]: Invalid user sales from 212.47.10.59
Jun 30 14:05:41 T41 sshd[28885]: Invalid user recruit from 212.47.10.59
Jun 30 14:05:45 T41 sshd[28887]: Invalid user alias from 212.47.10.59

溺水三千 · 发表于 2010-7-21 21:21:59

Post by danielliu;2104489
家的电脑基本上是365X24上网（adsl动态IP），root的passwd15位以上，开了ssh

我每天都能看到很多通过ssh连接我的电脑的。

可以看到频率还是相当高的。以下是6月份的记录：从以下记录可以看出有很多无聊的人天天在网上进行端口扫描，只要发现在开改的ssh端口，就用字典攻击。我没有改ssh的default端口22，(以前改成2222后就少了很多，后来还是改回22了)

所以基本上,使用ssh的童鞋,务必要用denyhosts一起配置着使用。

waterloo2005 · 发表于 2010-7-21 21:30:50

ssh没用过，
是不是用/etc/init.d/sshd status查看是否开启？
我的gentoo是当个人桌面用的，没用过远程登录。

AutoXBC · 发表于 2010-7-21 22:06:34

你在路由后面，不做特殊的端口映射自己在办公室想连回家里都不行，别人就更连接不了，扫描也无从谈起。

yafeng · 发表于 2010-7-21 22:38:25

无安全意识的裸奔用户路过……期待某天硬盘上的数据被cracker清空……

waterloo2005 · 发表于 2010-7-21 23:03:53

Post by AutoXBC;2104517
你在路由后面，不做特殊的端口映射自己在办公室想连回家里都不行，别人就更连接不了，扫描也无从谈起。

我在路由器的设置中映射了一些端口

AutoXBC · 发表于 2010-7-21 23:08:14

相信不包括 ssh 的默认端口。

waterloo2005 · 发表于 2010-7-21 23:26:01

Post by AutoXBC;2104527
相信不包括 ssh 的默认端口。

gentoo 我用固定地址192.168.2.100 端口60005－60009，是给rtorrent用。
这样安全吗？谢谢

firefoxmmx · 发表于 2010-7-22 09:24:28

Post by yafeng;2104521
无安全意识的裸奔用户路过……期待某天硬盘上的数据被cracker清空……

小伙儿，你太狂妄了。。。

AutoXBC · 发表于 2010-7-22 09:26:25

Post by waterloo2005;2104530
gentoo 我用固定地址192.168.2.100 端口60005－60009，是给rtorrent用。
这样安全吗？谢谢

没什么问题。

		自动登录	找回密码
密码			注册

我的root密码很简单, 机子几乎整天连在网上,请问容易被入侵吗?谢谢

浏览过的版块