V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
V2EX 提问指南
bmin
V2EX  ›  问与答

Linux 菜鸟求帮忙看看这个 fail2ban 日志..装好基本保持了默认配置..这些日志内容是什么意思?我需要做什么调整吗?

  •  
  •   bmin · 2015-01-11 21:35:37 +08:00 · 3681 次点击
    这是一个创建于 3605 天前的主题,其中的信息可能已经有所发展或是发生改变。

    Jan 11 18:40:01 default CRON[3483]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
    Jan 11 18:40:01 default CRON[3482]: pam_unix(cron:session): session opened for user root by (uid=0)
    Jan 11 18:40:01 default CRON[3482]: pam_unix(cron:session): session closed for user root
    Jan 11 18:40:05 default CRON[3483]: pam_unix(cron:session): session closed for user smmsp
    Jan 11 19:00:01 default CRON[3504]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
    Jan 11 19:00:05 default CRON[3504]: pam_unix(cron:session): session closed for user smmsp
    Jan 11 19:16:58 default sshd[3525]: Bad protocol version identification 'GET / HTTP/1.0' from 198.35.46.4
    Jan 11 19:16:58 default sshd[3526]: Did not receive identification string from 198.35.46.4
    Jan 11 19:20:01 default CRON[3529]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
    Jan 11 19:20:06 default CRON[3529]: pam_unix(cron:session): session closed for user smmsp
    Jan 11 19:40:01 default CRON[3548]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
    Jan 11 19:40:01 default CRON[3547]: pam_unix(cron:session): session opened for user root by (uid=0)
    Jan 11 19:40:01 default CRON[3547]: pam_unix(cron:session): session closed for user root
    Jan 11 19:40:05 default CRON[3548]: pam_unix(cron:session): session closed for user smmsp
    Jan 11 20:00:01 default CRON[3569]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
    Jan 11 20:00:05 default CRON[3569]: pam_unix(cron:session): session closed for user smmsp
    Jan 11 20:17:19 default sshd[3589]: Bad protocol version identification 'GET / HTTP/1.0' from 198.35.46.4
    Jan 11 20:17:19 default sshd[3590]: Did not receive identification string from 198.35.46.4
    Jan 11 20:20:01 default CRON[3593]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
    Jan 11 20:20:05 default CRON[3593]: pam_unix(cron:session): session closed for user smmsp
    Jan 11 20:40:01 default CRON[3613]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
    Jan 11 20:40:01 default CRON[3612]: pam_unix(cron:session): session opened for user root by (uid=0)
    Jan 11 20:40:01 default CRON[3612]: pam_unix(cron:session): session closed for user root
    Jan 11 20:40:05 default CRON[3613]: pam_unix(cron:session): session closed for user smmsp
    Jan 11 21:00:01 default CRON[3633]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
    Jan 11 21:00:06 default CRON[3633]: pam_unix(cron:session): session closed for user smmsp
    Jan 11 21:16:57 default sshd[3654]: Bad protocol version identification 'GET / HTTP/1.0' from 198.35.46.4
    Jan 11 21:16:57 default sshd[3655]: Did not receive identification string from 198.35.46.4
    Jan 11 21:20:01 default CRON[3658]: pam_unix(cron:session): session opened for user smmsp by (uid=0)
    Jan 11 21:20:05 default CRON[3658]: pam_unix(cron:session): session closed for user smmsp
    Jan 11 21:31:11 default sshd[3676]: Accepted publickey for root from 221.218.179.63 port 52227 ssh2
    Jan 11 21:31:11 default sshd[3676]: pam_unix(sshd:session): session opened for user root by (uid=0)

    3 条回复    2015-01-11 23:04:11 +08:00
    9hills
        1
    9hills  
       2015-01-11 22:58:45 +08:00
    sshd有Key登陆这种安全方式,要fail2ban干啥,闲的慌么

    fail2ban的作用是其他不安全的协议,比如不得不开的ftp等。。
    bmin
        2
    bmin  
    OP
       2015-01-11 23:02:12 +08:00
    @9hills 我是想再架个blog什么的..
    9hills
        3
    9hills  
       2015-01-11 23:04:11 +08:00
    @bmin 你首先想清楚你要fail2ban干什么?保护ssh登陆?
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   2974 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 23ms · UTC 00:41 · PVG 08:41 · LAX 16:41 · JFK 19:41
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.