[问题求助]请教如何阻止ssh的登陆测试 [复制链接]

经常有人测试登陆ssh.的密码。记录如下外贸




QUOTE:Failed logins f.rom t.hese:    外汇
   admin/password from. 66.63.160.36: 2. Time(s)    健康
   guest/passwor.d from 211.42.48.136: 1 .Time(s).
   guest./password from 66.63.160.36: 1 Tim.e(s)    美容
   root/passwo.rd from 66.63.160.36.: 3 Time(s)            杀毒
   test/.password from. 211.42.48.136: 1 Time(s)    外汇
   test/password fr.om 66.63.160.36: 2 Time(.s).
   user/password from 66.63..160..36: 1 Time(s)电脑
**.Unmatched Entries**电脑
Illegal user test from 211.4..2.48.136    美容
error: Could not get sh.adow i.nformation for NOUSER.
Illegal ..user guest from 211.42.48.136.
error: Could .not get shadow information for N.OUSER.
Ill.egal user test from 66.63..160.36教育
error: Could not get shadow information. for NOUSE.R.
Illegal .user guest from 66.63..160.36(        游戏          )
error: Could no.t .get shadow information for NOUSER          婚庆
Illegal user admin from 6.6..63.160.36学习
err.or: Could not get shadow i.nformation for NOUSER    美容
Ill.egal user adm.in from 66.63.160.36            杀毒
e.rror: .Could not get shadow information for NOUSER服务器
Illeg.al user user from 66.63.160.3.6虚拟主机
error: Could not get s.hadow information f.or NOUSER.
Ille.gal user .test from 66.63.160.36.
error: Could .not get shadow .information for NOUSER             汽车


虽然用 hots.deny可以阻止网段，.但是这毕竟是马后炮，请.问是否有好方法阻止。谢谢           女人

可以用IPTABLES对PORT：22做限制

修改/etc/ssh/sshd.conf文件，更改端口、监听地址。。

[quote]原帖由 "zzhenyu"]修改/etc/ssh/sshd.conf文件，更改端口、监听地址。。[/quote 发表：

进行一下扫描就出来了。

修改 /etc/sshd.conf中"ListenAddress" 的值 ,
试一下。

可以安装portsentry软件，或者iptables来设置的吧。

谢谢大家的热心回复。

总的来说，是不是只有通过先有测试记录，再通过ip封锁这个方法了？