linux – SSH攻击在10小时内耗尽4GB.可能？

概述我被警告我的服务器打破了转移限制.我认为我的Tor节点变得流行,所以我选择在本月禁用它(不是社区的最佳选择,但我需要关闭).然后我注意到服务器今晚转移了大约4GB.我用Awstats检查了Apache日志,没有相关流量(我没有在那里托管这么受欢迎的网站).我检查了邮件日志,没有人试图发送垃圾.我检查了消息日志,发现了大量的这些 Apr 29 10:17:53 marcus sshd[9281]: 我被警告我的服务器打破了转移限制.我认为我的Tor节点变得流行,所以我选择在本月禁用它(不是社区的最佳选择,但我需要关闭).然后我注意到服务器今晚转移了大约4GB.我用Awstats检查了Apache日志,没有相关流量(我没有在那里托管这么受欢迎的网站).我检查了邮件日志,没有人试图发送垃圾.我检查了消息日志,发现了大量的这些

Apr 29 10:17:53 marcus sshd[9281]: DID not receive IDentification string from 85.170.189.156Apr 29 10:18:07 marcus sshd[9283]: DID not receive IDentification string from 86.208.123.132Apr 29 10:18:24 marcus sshd[9298]: DID not receive IDentification string from 85.170.189.156Apr 29 10:18:39 marcus sshd[9303]: DID not receive IDentification string from 86.208.123.132Apr 29 10:18:56 marcus sshd[9306]: DID not receive IDentification string from 85.170.189.156Apr 29 10:19:11 marcus sshd[9309]: DID not receive IDentification string from 86.208.123.132Apr 29 10:19:18 marcus sshd[9312]: DID not receive IDentification string from 101.98.178.92Apr 29 10:19:27 marcus sshd[9314]: DID not receive IDentification string from 85.170.189.156Apr 29 10:19:41 marcus sshd[9317]: DID not receive IDentification string from 86.208.123.132Apr 29 10:20:01 marcus sshd[9321]: DID not receive IDentification string from 85.170.189.156Apr 29 10:20:13 marcus sshd[9324]: DID not receive IDentification string from 86.208.123.132Apr 29 10:20:32 marcus sshd[9327]: DID not receive IDentification string from 85.170.189.156Apr 29 10:20:48 marcus sshd[9331]: DID not receive IDentification string from 86.208.123.132Apr 29 10:21:07 marcus sshd[9336]: DID not receive IDentification string from 85.170.189.156Apr 29 10:21:20 marcus sshd[9338]: DID not receive IDentification string from 86.208.123.132Apr 29 10:21:35 marcus sshd[9341]: DID not receive IDentification string from 85.170.189.156Apr 29 10:21:51 marcus sshd[9344]: DID not receive IDentification string from 86.208.123.132Apr 29 10:22:06 marcus sshd[9349]: DID not receive IDentification string from 85.170.189.156Apr 29 10:22:23 marcus sshd[9353]: DID not receive IDentification string from 86.208.123.132Apr 29 10:22:39 marcus sshd[9359]: DID not receive IDentification string from 85.170.189.156Apr 29 10:22:54 marcus sshd[9361]: DID not receive IDentification string from 86.208.123.132Apr 29 10:23:10 marcus sshd[9367]: DID not receive IDentification string from 85.170.189.156Apr 29 10:23:29 marcus sshd[9369]: DID not receive IDentification string from 86.208.123.132Apr 29 10:23:45 marcus sshd[9375]: DID not receive IDentification string from 85.170.189.156Apr 29 10:24:10 marcus sshd[9387]: DID not receive IDentification string from 86.208.123.132Apr 29 10:24:16 marcus sshd[9388]: DID not receive IDentification string from 85.170.189.156

每隔几秒钟,机器人就会试图破解我的SSH,这是不可能的,因为我需要进行pubkey身份验证.我的问题是：在这个频率下,这种流量能否在10小时的连续攻击中消耗4GB(比方说3.5)？

我已经改变了我的SSH端口并阻止了这些攻击,但我不确定我的网络消耗.我没有失控的服务运行 – 我的防火墙有点限制 – 或与滥用P2P或其他什么的人分享服务器.我担心的是每月低于400GB.

有小费吗？

解决方法 4 GB是可能的,但考虑到攻击率非常不可能.我建议安装OSSEC,它会检测中断尝试并在一定时间内自动阻止IP. 总结

以上是内存溢出为你收集整理的linux – SSH攻击在10小时内耗尽4GB.可能？全部内容，希望文章能够帮你解决linux – SSH攻击在10小时内耗尽4GB.可能？所遇到的程序开发问题。

如果觉得内存溢出网站内容还不错，欢迎将内存溢出网站推荐给程序员好友。