{"id":1308,"date":"2015-11-29T22:47:13","date_gmt":"2015-11-29T14:47:13","guid":{"rendered":"http:\/\/pjq.me\/?p=1308"},"modified":"2015-11-29T22:47:13","modified_gmt":"2015-11-29T14:47:13","slug":"linux%e6%9c%8d%e5%8a%a1%e5%99%a8%e7%9a%84%e7%ae%80%e5%8d%95%e5%8a%a0%e5%9b%ba","status":"publish","type":"post","link":"https:\/\/pjq.me\/?p=1308","title":{"rendered":"Linux\u670d\u52a1\u5668\u7684\u7b80\u5355\u52a0\u56fa"},"content":{"rendered":"

\u6709\u4eba\u7684\u5730\u65b9, \u5c31\u6709\u6c5f\u6e56.
\n\u5728\u4e92\u8054\u7f51\u4e0a, \u6709\u7f51\u7edc\u7684\u5730\u65b9, \u5c31\u6709\u8089\u9e21.
\n\u4e00\u53f0\u88f8\u5954\u7684\u65e0\u4eba\u770b\u7ba1\u7684Linux\u670d\u52a1\u5668\u8fd8\u771f\u7684\u662f\u86ee\u5371\u9669\u7684, \u66f4\u4f55\u51b5\u53ea\u662f\u7528\u6765\u79d1\u5b66\u4e0a\u7f51\u7528\u7684.<\/p>\n

\u8fc7\u53bb\u4e00\u5e74\u5728DigitalOcean\u4e0a\u90fd\u8fd0\u884c\u7684\u597d\u597d\u7684\u670d\u52a1\u5668, \u6700\u8fd1\u4e00\u4e2a\u6708\u8fde\u7eed\u591a\u6b21\u88abDO\u7ba1\u65b9\u5173\u95ed\u8bbf\u95ee\u6743\u9650, \u5c31\u7b97\u662f\u6211\u6062\u590d\u5230\u53bb\u5e74\u5907\u4efd\u7684snapshot, \u4e5f\u662f\u540c\u6837\u7684\u60c5\u51b5, \u8fde\u7eed\u8d77\u4e86\u51e0\u53f0VPS, \u60c5\u51b5\u90fd\u5dee\u4e0d\u591a, \u800c\u6211\u6700\u7ec8\u4e5f\u6ca1\u627e\u5230\u5177\u4f53\u662f\u4ec0\u4e48\u539f\u56e0.<\/p>\n

\u5173\u95ed\u7684\u539f\u56e0\u662f, VPS\u5728\u5411\u5916\u53d1\u8d77DDos\u653b\u51fb, \u4ea7\u751f\u4e86\u5de8\u5927\u7684\u5e26\u5bbd\u6d88\u8017. \u867d\u7136\u6211\u6ca1\u6709\u60f3\u8fc7\u53bb\u653b\u51fb\u5176\u5b83\u4eba, \u4f46\u662f\u5b66\u4e60\u4e00\u4e0b\u5982\u4f55\u4fdd\u62a4\u81ea\u5df1\u8fd8\u662f\u5f88\u6709\u5fc5\u8981\u7684.<\/p>\n

\u540e\u6765\u6ca1\u6709\u529e\u6cd5, \u53ea\u80fd\u7533\u8bf7\u4e86\u6570\u636e\u5907\u4efd\u529f\u80fd, \u5728\u5b89\u5168\u6a21\u5f0f\u4e0b\u6302\u8f7d\u4e86VPS\u786c\u76d8, \u7136\u540e\u518d\u8d77\u4e86\u4e00\u53f0VPS, \u7528scp\u547d\u4ee4\u628a\u9700\u8981\u7684\u6570\u636e\u76f4\u63a5\u540c\u6b65\u5230\u4e86\u65b0\u670d\u52a1\u5668\u4e0a, \u5f53\u7136, \u5907\u4efd\u901f\u5ea6\u8fd8\u662f\u5f88\u5feb\u7684, \u6bd5\u7adf\u662f\u5728\u540c\u4e00\u4e2a\u65b0\u52a0\u5761\u673a\u623f.<\/p>\n

\u6700\u540e\u521b\u5efa\u4e86\u4e00\u4e2a\u5168\u65b0\u7684VPS, \u5e76\u5bf9\u670d\u52a1\u5668\u8fdb\u884c\u4e86\u52a0\u56fa, \u5e94\u8be5\u6ca1\u8fd9\u4e48\u5bb9\u6613\u88ab\u9ed1\u4e86.<\/p>\n

\u5b89\u88c5Fail2Ban<\/strong>
\n\u5b89\u88c5\u597d\u4e4b\u540e\u5982\u679c\u6709\u540c\u4e00IP\u591a\u6b21\u767b\u5f55\u5931\u8d25, \u914d\u7f6e\u7684\u90ae\u7bb1\u5c31\u4f1a\u6536\u5230\u8be6\u7ec6\u4fe1\u606f, \u5e76\u4e14\u8fd9\u4e2aIP\u4f1a\u88ab\u7981\u6b62\u767b\u5f55.<\/p>\n

\u7981\u6b62root ssh login<\/strong>
\n\/etc\/ssh\/sshd_config
\nPermitRootLogin no<\/code><\/p>\n

\u914d\u7f6essh publish key<\/strong>
\n\u4f7f\u7528ssh private key, \u514d\u5bc6\u7801\u767b\u5f55<\/p>\n

\u67e5\u770b\u4ece\u54ea\u4e9bIP\u53d1\u8d77\u7684\u653b\u51fb\u6700\u591a<\/strong>
\nsudo grep \"for invalid user\" \/var\/log\/auth.log|awk -F \"invalid user\" '{print $2}'|cut -d \" \" -f4|sort|uniq -c|sort -k1nr<\/code>
\n
\n842 107.150.19.184
\n839 66.135.59.253
\n447 133.242.9.92
\n242 45.64.97.177
\n224 89.248.168.35
\n216 107.170.248.84
\n125 186.5.7.98
\n94 45.64.97.51
\n82 191.205.248.38
\n76 50.114.8.34
\n73 63.223.74.54
\n30 46.246.86.148
\n28
\n28 74.208.229.197
\n24 185.22.172.116
\n20 178.73.192.113
\n20 193.104.41.54
\n16 219.235.227.190
\n14 177.208.33.159
\n10 124.158.4.82
\n<\/code><\/p>\n

\u67e5\u770b\u54ea\u4e9b\u7528\u6237\u540d\u662f\u6700\u5e38\u7528\u6765\u653b\u51fb\u7684<\/strong>
\nsudo grep \"for invalid user\" \/var\/log\/auth.log|awk -F \"invalid user\" '{print $2}'|awk -F \" \" '{print $1}'|sort|uniq -c|sort -k1nr<\/code>
\n
\n225 new
\n223 me
\n111 admin
\n88 vnc
\n84 oracle
\n68 postgres
\n66 git
\n65 ftpuser
\n61 jenkins
\n57 hadoop
\n50 tomcat
\n41 ts3
\n40 dasusr1
\n39 odoo
\n39 user
\n38 globalflash
\n38 phpmy
\n37 dspace
\n37 teamspeak
\n34 deploy
\n33 test
\n32 fmaster
\n30 newadmin
\n30 \/var\/log\/auth.log
\n29 craig
\n25 guest
\n21 a
\n21 pi
\n21 www
\n<\/code><\/p>\n

\u5e38\u7528\u7f51\u7edc\u76d1\u6d4b\u5de5\u5177<\/strong>
\nbmon slurm tcptrack iftop nethogs iptraf speedometer ifstat wavemon vnstat<\/code><\/p>\n

tcpdump\u6293\u5305\u5de5\u5177<\/strong>
\nsudo tcpdump -vvv -X -i ppp0 port 80
\nsudo tcpdump -vvv -X -i ppp0 -s 0<\/code><\/p>\n

\u53c2\u8003\u94fe\u63a5:<\/strong><\/p>\n

  • https:\/\/www.digitalocean.com\/community\/tutorials\/7-security-measures-to-protect-your-servers<\/li>\n
  • https:\/\/www.digitalocean.com\/community\/tutorials\/how-to-protect-ssh-with-fail2ban-on-centos-6<\/li>\n
  • http:\/\/askubuntu.com\/questions\/257263\/how-to-display-network-traffic-in-terminal<\/li>\n
  • https:\/\/www.digitalocean.com\/community\/tutorials\/how-to-protect-ssh-with-fail2ban-on-ubuntu-14-04<\/li>\n","protected":false},"excerpt":{"rendered":"

    \u6709\u4eba\u7684\u5730\u65b9, \u5c31\u6709\u6c5f\u6e56. \u5728\u4e92\u8054\u7f51\u4e0a, \u6709\u7f51\u7edc\u7684\u5730\u65b9, \u5c31\u6709\u8089\u9e21. \u4e00\u53f0\u88f8\u5954\u7684\u65e0\u4eba\u770b\u7ba1\u7684Linux\u670d\u52a1\u5668\u8fd8\u771f\u7684\u662f\u86ee\u5371\u9669\u7684, \u66f4\u4f55\u51b5\u53ea\u662f\u7528\u6765\u79d1\u5b66\u4e0a\u7f51\u7528\u7684. \u8fc7\u53bb\u4e00\u5e74\u5728DigitalOcean\u4e0a\u90fd\u8fd0\u884c\u7684\u597d\u597d\u7684\u670d\u52a1\u5668, \u6700\u8fd1\u4e00\u4e2a\u6708\u8fde\u7eed\u591a\u6b21\u88abDO\u7ba1\u65b9\u5173\u95ed\u8bbf\u95ee\u6743\u9650, \u5c31\u7b97\u662f\u6211\u6062\u590d\u5230\u53bb\u5e74\u5907\u4efd\u7684snapshot, \u4e5f\u662f\u540c\u6837\u7684\u60c5\u51b5, \u8fde\u7eed\u8d77\u4e86\u51e0\u53f0VPS, \u60c5\u51b5\u90fd\u5dee\u4e0d\u591a, \u800c\u6211\u6700\u7ec8\u4e5f\u6ca1\u627e\u5230\u5177\u4f53\u662f\u4ec0\u4e48\u539f\u56e0. \u5173\u95ed\u7684\u539f\u56e0\u662f, VPS\u5728\u5411\u5916\u53d1\u8d77DDos\u653b\u51fb, \u4ea7\u751f\u4e86\u5de8\u5927\u7684\u5e26\u5bbd\u6d88\u8017. \u867d\u7136\u6211\u6ca1\u6709\u60f3\u8fc7\u53bb\u653b\u51fb\u5176\u5b83\u4eba, \u4f46\u662f\u5b66\u4e60\u4e00\u4e0b\u5982\u4f55\u4fdd\u62a4\u81ea\u5df1\u8fd8\u662f\u5f88\u6709\u5fc5\u8981\u7684. \u540e\u6765\u6ca1\u6709\u529e\u6cd5, \u53ea\u80fd\u7533\u8bf7\u4e86\u6570\u636e\u5907\u4efd\u529f\u80fd, \u5728\u5b89\u5168\u6a21\u5f0f\u4e0b\u6302\u8f7d\u4e86VPS\u786c\u76d8, \u7136\u540e\u518d\u8d77\u4e86\u4e00\u53f0VPS, \u7528scp\u547d\u4ee4\u628a\u9700\u8981\u7684\u6570\u636e\u76f4\u63a5\u540c\u6b65\u5230\u4e86\u65b0\u670d\u52a1\u5668\u4e0a, \u5f53\u7136, \u5907\u4efd\u901f\u5ea6\u8fd8\u662f\u5f88\u5feb\u7684, \u6bd5\u7adf\u662f\u5728\u540c\u4e00\u4e2a\u65b0\u52a0\u5761\u673a\u623f. \u6700\u540e\u521b\u5efa\u4e86\u4e00\u4e2a\u5168\u65b0\u7684VPS, \u5e76\u5bf9\u670d\u52a1\u5668\u8fdb\u884c\u4e86\u52a0\u56fa, \u5e94\u8be5\u6ca1\u8fd9\u4e48\u5bb9\u6613\u88ab\u9ed1\u4e86. \u5b89\u88c5Fail2Ban \u5b89\u88c5\u597d\u4e4b\u540e\u5982\u679c\u6709\u540c\u4e00IP\u591a\u6b21\u767b\u5f55\u5931\u8d25, \u914d\u7f6e\u7684\u90ae\u7bb1\u5c31\u4f1a\u6536\u5230\u8be6\u7ec6\u4fe1\u606f, \u5e76\u4e14\u8fd9\u4e2aIP\u4f1a\u88ab\u7981\u6b62\u767b\u5f55. \u7981\u6b62root ssh login \/etc\/ssh\/sshd_config PermitRootLogin no<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[56,89,107,114],"class_list":["post-1308","post","type-post","status-publish","format-standard","hentry","category-linux","tag-ddos","tag-linux","tag-ssh","tag-vps"],"yoast_head":"\nLinux\u670d\u52a1\u5668\u7684\u7b80\u5355\u52a0\u56fa - Jianqing's Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/pjq.me\/?p=1308\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Linux\u670d\u52a1\u5668\u7684\u7b80\u5355\u52a0\u56fa - Jianqing's Blog\" \/>\n<meta property=\"og:description\" content=\"\u6709\u4eba\u7684\u5730\u65b9, \u5c31\u6709\u6c5f\u6e56. \u5728\u4e92\u8054\u7f51\u4e0a, \u6709\u7f51\u7edc\u7684\u5730\u65b9, \u5c31\u6709\u8089\u9e21. \u4e00\u53f0\u88f8\u5954\u7684\u65e0\u4eba\u770b\u7ba1\u7684Linux\u670d\u52a1\u5668\u8fd8\u771f\u7684\u662f\u86ee\u5371\u9669\u7684, \u66f4\u4f55\u51b5\u53ea\u662f\u7528\u6765\u79d1\u5b66\u4e0a\u7f51\u7528\u7684. \u8fc7\u53bb\u4e00\u5e74\u5728DigitalOcean\u4e0a\u90fd\u8fd0\u884c\u7684\u597d\u597d\u7684\u670d\u52a1\u5668, \u6700\u8fd1\u4e00\u4e2a\u6708\u8fde\u7eed\u591a\u6b21\u88abDO\u7ba1\u65b9\u5173\u95ed\u8bbf\u95ee\u6743\u9650, \u5c31\u7b97\u662f\u6211\u6062\u590d\u5230\u53bb\u5e74\u5907\u4efd\u7684snapshot, \u4e5f\u662f\u540c\u6837\u7684\u60c5\u51b5, \u8fde\u7eed\u8d77\u4e86\u51e0\u53f0VPS, \u60c5\u51b5\u90fd\u5dee\u4e0d\u591a, \u800c\u6211\u6700\u7ec8\u4e5f\u6ca1\u627e\u5230\u5177\u4f53\u662f\u4ec0\u4e48\u539f\u56e0. \u5173\u95ed\u7684\u539f\u56e0\u662f, VPS\u5728\u5411\u5916\u53d1\u8d77DDos\u653b\u51fb, \u4ea7\u751f\u4e86\u5de8\u5927\u7684\u5e26\u5bbd\u6d88\u8017. \u867d\u7136\u6211\u6ca1\u6709\u60f3\u8fc7\u53bb\u653b\u51fb\u5176\u5b83\u4eba, \u4f46\u662f\u5b66\u4e60\u4e00\u4e0b\u5982\u4f55\u4fdd\u62a4\u81ea\u5df1\u8fd8\u662f\u5f88\u6709\u5fc5\u8981\u7684. \u540e\u6765\u6ca1\u6709\u529e\u6cd5, \u53ea\u80fd\u7533\u8bf7\u4e86\u6570\u636e\u5907\u4efd\u529f\u80fd, \u5728\u5b89\u5168\u6a21\u5f0f\u4e0b\u6302\u8f7d\u4e86VPS\u786c\u76d8, \u7136\u540e\u518d\u8d77\u4e86\u4e00\u53f0VPS, \u7528scp\u547d\u4ee4\u628a\u9700\u8981\u7684\u6570\u636e\u76f4\u63a5\u540c\u6b65\u5230\u4e86\u65b0\u670d\u52a1\u5668\u4e0a, \u5f53\u7136, \u5907\u4efd\u901f\u5ea6\u8fd8\u662f\u5f88\u5feb\u7684, \u6bd5\u7adf\u662f\u5728\u540c\u4e00\u4e2a\u65b0\u52a0\u5761\u673a\u623f. \u6700\u540e\u521b\u5efa\u4e86\u4e00\u4e2a\u5168\u65b0\u7684VPS, \u5e76\u5bf9\u670d\u52a1\u5668\u8fdb\u884c\u4e86\u52a0\u56fa, \u5e94\u8be5\u6ca1\u8fd9\u4e48\u5bb9\u6613\u88ab\u9ed1\u4e86. \u5b89\u88c5Fail2Ban \u5b89\u88c5\u597d\u4e4b\u540e\u5982\u679c\u6709\u540c\u4e00IP\u591a\u6b21\u767b\u5f55\u5931\u8d25, \u914d\u7f6e\u7684\u90ae\u7bb1\u5c31\u4f1a\u6536\u5230\u8be6\u7ec6\u4fe1\u606f, \u5e76\u4e14\u8fd9\u4e2aIP\u4f1a\u88ab\u7981\u6b62\u767b\u5f55. \u7981\u6b62root ssh login \/etc\/ssh\/sshd_config PermitRootLogin no\" \/>\n<meta property=\"og:url\" content=\"https:\/\/pjq.me\/?p=1308\" \/>\n<meta property=\"og:site_name\" content=\"Jianqing's Blog\" \/>\n<meta property=\"article:published_time\" content=\"2015-11-29T14:47:13+00:00\" \/>\n<meta name=\"author\" content=\"pengjianqing\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"pengjianqing\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/pjq.me\/?p=1308#article\",\"isPartOf\":{\"@id\":\"https:\/\/pjq.me\/?p=1308\"},\"author\":{\"name\":\"pengjianqing\",\"@id\":\"https:\/\/pjq.me\/#\/schema\/person\/0eb1e72d1e69fbbd9b5c0bfd8e2aae60\"},\"headline\":\"Linux\u670d\u52a1\u5668\u7684\u7b80\u5355\u52a0\u56fa\",\"datePublished\":\"2015-11-29T14:47:13+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/pjq.me\/?p=1308\"},\"wordCount\":56,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/pjq.me\/#\/schema\/person\/0eb1e72d1e69fbbd9b5c0bfd8e2aae60\"},\"keywords\":[\"DDos\",\"Linux\",\"ssh\",\"vps\"],\"articleSection\":[\"Linux\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/pjq.me\/?p=1308#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/pjq.me\/?p=1308\",\"url\":\"https:\/\/pjq.me\/?p=1308\",\"name\":\"Linux\u670d\u52a1\u5668\u7684\u7b80\u5355\u52a0\u56fa - Jianqing's Blog\",\"isPartOf\":{\"@id\":\"https:\/\/pjq.me\/#website\"},\"datePublished\":\"2015-11-29T14:47:13+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/pjq.me\/?p=1308#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/pjq.me\/?p=1308\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/pjq.me\/?p=1308#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/pjq.me\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Linux\u670d\u52a1\u5668\u7684\u7b80\u5355\u52a0\u56fa\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/pjq.me\/#website\",\"url\":\"https:\/\/pjq.me\/\",\"name\":\"Jianqing's Blog\",\"description\":\"Thoughts and Future\",\"publisher\":{\"@id\":\"https:\/\/pjq.me\/#\/schema\/person\/0eb1e72d1e69fbbd9b5c0bfd8e2aae60\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/pjq.me\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\/\/pjq.me\/#\/schema\/person\/0eb1e72d1e69fbbd9b5c0bfd8e2aae60\",\"name\":\"pengjianqing\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/pjq.me\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/pjq.me\/wp-content\/uploads\/2021\/12\/Screen-Shot-2021-12-02-at-6.10.58-PM.png\",\"contentUrl\":\"https:\/\/pjq.me\/wp-content\/uploads\/2021\/12\/Screen-Shot-2021-12-02-at-6.10.58-PM.png\",\"width\":460,\"height\":752,\"caption\":\"pengjianqing\"},\"logo\":{\"@id\":\"https:\/\/pjq.me\/#\/schema\/person\/image\/\"},\"url\":\"https:\/\/pjq.me\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Linux\u670d\u52a1\u5668\u7684\u7b80\u5355\u52a0\u56fa - Jianqing's Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/pjq.me\/?p=1308","og_locale":"en_US","og_type":"article","og_title":"Linux\u670d\u52a1\u5668\u7684\u7b80\u5355\u52a0\u56fa - Jianqing's Blog","og_description":"\u6709\u4eba\u7684\u5730\u65b9, \u5c31\u6709\u6c5f\u6e56. \u5728\u4e92\u8054\u7f51\u4e0a, \u6709\u7f51\u7edc\u7684\u5730\u65b9, \u5c31\u6709\u8089\u9e21. \u4e00\u53f0\u88f8\u5954\u7684\u65e0\u4eba\u770b\u7ba1\u7684Linux\u670d\u52a1\u5668\u8fd8\u771f\u7684\u662f\u86ee\u5371\u9669\u7684, \u66f4\u4f55\u51b5\u53ea\u662f\u7528\u6765\u79d1\u5b66\u4e0a\u7f51\u7528\u7684. \u8fc7\u53bb\u4e00\u5e74\u5728DigitalOcean\u4e0a\u90fd\u8fd0\u884c\u7684\u597d\u597d\u7684\u670d\u52a1\u5668, \u6700\u8fd1\u4e00\u4e2a\u6708\u8fde\u7eed\u591a\u6b21\u88abDO\u7ba1\u65b9\u5173\u95ed\u8bbf\u95ee\u6743\u9650, \u5c31\u7b97\u662f\u6211\u6062\u590d\u5230\u53bb\u5e74\u5907\u4efd\u7684snapshot, \u4e5f\u662f\u540c\u6837\u7684\u60c5\u51b5, \u8fde\u7eed\u8d77\u4e86\u51e0\u53f0VPS, \u60c5\u51b5\u90fd\u5dee\u4e0d\u591a, \u800c\u6211\u6700\u7ec8\u4e5f\u6ca1\u627e\u5230\u5177\u4f53\u662f\u4ec0\u4e48\u539f\u56e0. \u5173\u95ed\u7684\u539f\u56e0\u662f, VPS\u5728\u5411\u5916\u53d1\u8d77DDos\u653b\u51fb, \u4ea7\u751f\u4e86\u5de8\u5927\u7684\u5e26\u5bbd\u6d88\u8017. \u867d\u7136\u6211\u6ca1\u6709\u60f3\u8fc7\u53bb\u653b\u51fb\u5176\u5b83\u4eba, \u4f46\u662f\u5b66\u4e60\u4e00\u4e0b\u5982\u4f55\u4fdd\u62a4\u81ea\u5df1\u8fd8\u662f\u5f88\u6709\u5fc5\u8981\u7684. \u540e\u6765\u6ca1\u6709\u529e\u6cd5, \u53ea\u80fd\u7533\u8bf7\u4e86\u6570\u636e\u5907\u4efd\u529f\u80fd, \u5728\u5b89\u5168\u6a21\u5f0f\u4e0b\u6302\u8f7d\u4e86VPS\u786c\u76d8, \u7136\u540e\u518d\u8d77\u4e86\u4e00\u53f0VPS, \u7528scp\u547d\u4ee4\u628a\u9700\u8981\u7684\u6570\u636e\u76f4\u63a5\u540c\u6b65\u5230\u4e86\u65b0\u670d\u52a1\u5668\u4e0a, \u5f53\u7136, \u5907\u4efd\u901f\u5ea6\u8fd8\u662f\u5f88\u5feb\u7684, \u6bd5\u7adf\u662f\u5728\u540c\u4e00\u4e2a\u65b0\u52a0\u5761\u673a\u623f. \u6700\u540e\u521b\u5efa\u4e86\u4e00\u4e2a\u5168\u65b0\u7684VPS, \u5e76\u5bf9\u670d\u52a1\u5668\u8fdb\u884c\u4e86\u52a0\u56fa, \u5e94\u8be5\u6ca1\u8fd9\u4e48\u5bb9\u6613\u88ab\u9ed1\u4e86. \u5b89\u88c5Fail2Ban \u5b89\u88c5\u597d\u4e4b\u540e\u5982\u679c\u6709\u540c\u4e00IP\u591a\u6b21\u767b\u5f55\u5931\u8d25, \u914d\u7f6e\u7684\u90ae\u7bb1\u5c31\u4f1a\u6536\u5230\u8be6\u7ec6\u4fe1\u606f, \u5e76\u4e14\u8fd9\u4e2aIP\u4f1a\u88ab\u7981\u6b62\u767b\u5f55. \u7981\u6b62root ssh login \/etc\/ssh\/sshd_config PermitRootLogin no","og_url":"https:\/\/pjq.me\/?p=1308","og_site_name":"Jianqing's Blog","article_published_time":"2015-11-29T14:47:13+00:00","author":"pengjianqing","twitter_card":"summary_large_image","twitter_misc":{"Written by":"pengjianqing","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/pjq.me\/?p=1308#article","isPartOf":{"@id":"https:\/\/pjq.me\/?p=1308"},"author":{"name":"pengjianqing","@id":"https:\/\/pjq.me\/#\/schema\/person\/0eb1e72d1e69fbbd9b5c0bfd8e2aae60"},"headline":"Linux\u670d\u52a1\u5668\u7684\u7b80\u5355\u52a0\u56fa","datePublished":"2015-11-29T14:47:13+00:00","mainEntityOfPage":{"@id":"https:\/\/pjq.me\/?p=1308"},"wordCount":56,"commentCount":0,"publisher":{"@id":"https:\/\/pjq.me\/#\/schema\/person\/0eb1e72d1e69fbbd9b5c0bfd8e2aae60"},"keywords":["DDos","Linux","ssh","vps"],"articleSection":["Linux"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/pjq.me\/?p=1308#respond"]}]},{"@type":"WebPage","@id":"https:\/\/pjq.me\/?p=1308","url":"https:\/\/pjq.me\/?p=1308","name":"Linux\u670d\u52a1\u5668\u7684\u7b80\u5355\u52a0\u56fa - Jianqing's Blog","isPartOf":{"@id":"https:\/\/pjq.me\/#website"},"datePublished":"2015-11-29T14:47:13+00:00","breadcrumb":{"@id":"https:\/\/pjq.me\/?p=1308#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/pjq.me\/?p=1308"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/pjq.me\/?p=1308#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/pjq.me\/"},{"@type":"ListItem","position":2,"name":"Linux\u670d\u52a1\u5668\u7684\u7b80\u5355\u52a0\u56fa"}]},{"@type":"WebSite","@id":"https:\/\/pjq.me\/#website","url":"https:\/\/pjq.me\/","name":"Jianqing's Blog","description":"Thoughts and Future","publisher":{"@id":"https:\/\/pjq.me\/#\/schema\/person\/0eb1e72d1e69fbbd9b5c0bfd8e2aae60"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/pjq.me\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/pjq.me\/#\/schema\/person\/0eb1e72d1e69fbbd9b5c0bfd8e2aae60","name":"pengjianqing","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/pjq.me\/#\/schema\/person\/image\/","url":"https:\/\/pjq.me\/wp-content\/uploads\/2021\/12\/Screen-Shot-2021-12-02-at-6.10.58-PM.png","contentUrl":"https:\/\/pjq.me\/wp-content\/uploads\/2021\/12\/Screen-Shot-2021-12-02-at-6.10.58-PM.png","width":460,"height":752,"caption":"pengjianqing"},"logo":{"@id":"https:\/\/pjq.me\/#\/schema\/person\/image\/"},"url":"https:\/\/pjq.me\/?author=1"}]}},"views":2771,"_links":{"self":[{"href":"https:\/\/pjq.me\/index.php?rest_route=\/wp\/v2\/posts\/1308","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pjq.me\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pjq.me\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pjq.me\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/pjq.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1308"}],"version-history":[{"count":0,"href":"https:\/\/pjq.me\/index.php?rest_route=\/wp\/v2\/posts\/1308\/revisions"}],"wp:attachment":[{"href":"https:\/\/pjq.me\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1308"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/pjq.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1308"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/pjq.me\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1308"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}