Moin,
ich habe für Freunde eine kleine Tauschbörse online die per ftp angesprochen wird. Jeder hat einen Account und Passwort.
heute mal spasseshalber in die auth.log reingeschaut und die Krise gekriegt
Code
ec 29 08:57:58 raspi sshd[31469]: Invalid user leonob from 221.234.231.190
Dec 29 08:57:58 raspi sshd[31469]: input_userauth_request: invalid user leonob [preauth]
Dec 29 08:58:02 raspi sshd[31469]: pam_unix(sshd:auth): check pass; user unknown
Dec 29 08:58:02 raspi sshd[31469]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.231.234.221.broad.wh.hb.dynamic.163data.com.cn
Dec 30 05:35:47 raspi sshd[6316]: input_userauth_request: invalid user gib [preauth]
Dec 30 05:35:47 raspi sshd[6316]: pam_unix(sshd:auth): check pass; user unknown
Dec 30 05:35:47 raspi sshd[6316]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.52.61.61
Dec 30 05:35:49 raspi sshd[6316]: Failed password for invalid user gib from 211.52.61.61 port 34030 ssh2
Dec 30 05:35:50 raspi sshd[6316]: Received disconnect from 211.52.61.61: 11: Bye Bye [preauth]
Dec 30 05:35:53 raspi sshd[6329]: Invalid user gibson from 211.52.61.61
Dec 30 05:35:53 raspi sshd[6329]: input_userauth_request: invalid user gibson [preauth]
Dec 30 05:35:53 raspi sshd[6329]: pam_unix(sshd:auth): check pass; user unknown
Dec 30 05:35:53 raspi sshd[6329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.52.61.61
Dec 30 05:35:54 raspi sshd[6329]: Failed password for invalid user gibson from 211.52.61.61 port 34491 ssh2
Dec 30 05:35:54 raspi sshd[6329]: Received disconnect from 211.52.61.61: 11: Bye Bye [preauth]
Dec 30 05:35:57 raspi sshd[6334]: Invalid user gil from 211.52.61.61
Dec 30 05:35:57 raspi sshd[6334]: input_userauth_request: invalid user gil [preauth]
Dec 30 05:35:57 raspi sshd[6334]: pam_unix(sshd:auth): check pass; user unknown
Dec 30 05:35:57 raspi sshd[6334]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.52.61.61
Dec 30 05:36:00 raspi sshd[6334]: Failed password for invalid user gil from 211.52.61.61 port 34851 ssh2
Dec 30 05:36:00 raspi sshd[6334]: Received disconnect from 211.52.61.61: 11: Bye Bye [preauth]
Dec 30 05:36:08 raspi sshd[6338]: Invalid user gillian from 211.52.61.61
Dec 30 05:36:08 raspi sshd[6338]: input_userauth_request: invalid user gillian [preauth]
Dec 30 05:36:08 raspi sshd[6338]: pam_unix(sshd:auth): check pass; user unknown
Dec 30 05:36:08 raspi sshd[6338]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.52.61.61
Dec 30 05:36:10 raspi sshd[6338]: Failed password for invalid user gillian from 211.52.61.61 port 35322 ssh2
Dec 30 05:36:11 raspi sshd[6338]: Received disconnect from 211.52.61.61: 11: Bye Bye [preauth]
Dec 30 05:36:16 raspi sshd[6351]: Invalid user gina from 211.52.61.61
Dec 30 05:36:16 raspi sshd[6351]: input_userauth_request: invalid user gina [preauth]
Dec 30 05:36:17 raspi sshd[6351]: pam_unix(sshd:auth): check pass; user unknown
Dec 30 05:36:17 raspi sshd[6351]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.52.61.61
Dec 30 05:36:18 raspi sshd[6351]: Failed password for invalid user gina from 211.52.61.61 port 36150 ssh2
Dec 30 05:36:18 raspi sshd[6351]: Received disconnect from 211.52.61.61: 11: Bye Bye [preauth]
Dec 30 05:36:21 raspi sshd[6364]: Invalid user ginnie from 211.52.61.61
Dec 30 05:36:21 raspi sshd[6364]: input_userauth_request: invalid user ginnie [preauth]
Dec 30 05:36:21 raspi sshd[6364]: pam_unix(sshd:auth): check pass; user unknown
Dec 30 05:36:21 raspi sshd[6364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.52.61.61
Dec 30 05:36:24 raspi sshd[6364]: Failed password for invalid user ginnie from 211.52.61.61 port 36742 ssh2
Dec 30 05:36:24 raspi sshd[6364]: Received disconnect from 211.52.61.61: 11: Bye Bye [preauth]
Dec 30 05:36:27 raspi sshd[6368]: Invalid user giovanni from 211.52.61.61
Dec 30 05:36:27 raspi sshd[6368]: input_userauth_request: invalid user giovanni [preauth]
Dec 30 05:36:27 raspi sshd[6368]: pam_unix(sshd:auth): check pass; user unknown
Dec 30 05:36:27 raspi sshd[6368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.52.61.61
Dec 30 05:36:29 raspi sshd[6368]: Failed password for invalid user giovanni from 211.52.61.61 port 37231 ssh2
Dec 30 05:36:29 raspi sshd[6368]: Received disconnect from 211.52.61.61: 11: Bye Bye [preauth]
Dec 30 05:36:38 raspi sshd[6381]: Invalid user giselle from 211.52.61.61
Dec 30 05:36:38 raspi sshd[6381]: input_userauth_request: invalid user giselle [preauth]
Dec 30 05:36:39 raspi sshd[6381]: pam_unix(sshd:auth): check pass; user unknown
Dec 30 05:36:39 raspi sshd[6381]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.52.61.61
Dec 30 05:36:40 raspi sshd[6381]: Failed password for invalid user giselle from 211.52.61.61 port 37642 ssh2
Dec 30 05:36:41 raspi sshd[6381]: Received disconnect from 211.52.61.61: 11: Bye Bye [preau
Alles anzeigen
SSH Einbrüche:
Code
ec 29 14:19:05 raspi sshd[12627]: Failed password for root from 23.227.162.146 port 60582 ssh2
Dec 29 14:19:05 raspi sshd[12627]: Received disconnect from 23.227.162.146: 11: Bye Bye [preauth]
Dec 29 14:19:08 raspi sshd[12631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23-227-162-146-customer-incero.com user=root
Dec 29 14:19:10 raspi sshd[12631]: Failed password for root from 23.227.162.146 port 35122 ssh2
Dec 29 14:19:10 raspi sshd[12631]: Received disconnect from 23.227.162.146: 11: Bye Bye [preauth]
Dec 29 14:19:12 raspi sshd[12635]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23-227-162-146-customer-incero.com user=root
Dec 29 14:19:15 raspi sshd[12635]: Failed password for root from 23.227.162.146 port 37809 ssh2
Dec 29 14:19:15 raspi sshd[12635]: Received disconnect from 23.227.162.146: 11: Bye Bye [preauth]
Dec 29 14:19:17 raspi sshd[12648]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23-227-162-146-customer-incero.com user=root
Dec 29 14:19:19 raspi sshd[12648]: Failed password for root from 23.227.162.146 port 40819 ssh2
Dec 29 14:19:19 raspi sshd[12648]: Received disconnect from 23.227.162.146: 11: Bye Bye [preauth]
Dec 29 14:19:22 raspi sshd[12652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23-227-162-146-customer-incero.com user=root
Dec 29 14:19:24 raspi sshd[12652]: Failed password for root from 23.227.162.146 port 43462 ssh2
Dec 29 14:19:24 raspi sshd[12652]: Received disconnect from 23.227.162.146: 11: Bye Bye [preauth]
Dec 29 14:19:26 raspi sshd[12657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23-227-162-146-customer-incero.com user=root
Dec 29 14:19:29 raspi sshd[12657]: Failed password for root from 23.227.162.146 port 46256 ssh2
Dec 29 14:19:29 raspi sshd[12657]: Received disconnect from 23.227.162.146: 11: Bye Bye [preauth]
Dec 29 14:19:32 raspi sshd[12666]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23-227-162-146-customer-incero.com user=root
Dec 29 14:19:34 raspi sshd[12666]: Failed password for root from 23.227.162.146 port 49240 ssh2
Dec 29 14:19:34 raspi sshd[12666]: Received disconnect from 23.227.162.146: 11: Bye Bye [preauth]
Dec 29 14:19:37 raspi sshd[12674]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23-227-162-146-customer-incero.com user=root
Alles anzeigen
In der Zeit von 2 Uhr morgens bis um 6 keine freie Minute ohne Login Versuche !! 2.5 MB hat das File nur für einen Tag.
Da hagelt ein Daurfeuer an Einbruchsattacken auf meinen kleinen Server nieder, mehrmals am tag aber dann auch stundelang !
Über ftp, ssh, http ... sie versuchen es! Und nicht selten .cn (China) als Adresse
Was kann ich tun, damit die gar nicht merken, dass da ein Rechner dran ist?