NeWorld

Sagumas

Kovojame prieš SSH bruteforce

by neworld on Geg.07, 2008, under Administravimas, Sagumas, Serveris

jau ne pirmą dieną loguose pastebiu maždaug tokias eilutes:

May 5 20:51:05 server sshd(pam_unix)[15951]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59-106-25-60.r-bl100.sakura.ne.jp user=root
May 5 20:51:10 server sshd(pam_unix)[15969]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59-106-25-60.r-bl100.sakura.ne.jp user=root
May 5 20:51:15 server sshd(pam_unix)[15989]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59-106-25-60.r-bl100.sakura.ne.jp user=root
May 5 20:51:20 server sshd(pam_unix)[16011]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59-106-25-60.r-bl100.sakura.ne.jp user=root
May 5 20:51:25 server sshd(pam_unix)[16030]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59-106-25-60.r-bl100.sakura.ne.jp user=root
May 5 20:51:29 server sshd(pam_unix)[16050]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59-106-25-60.r-bl100.sakura.ne.jp user=root
May 5 20:51:34 server sshd(pam_unix)[16068]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59-106-25-60.r-bl100.sakura.ne.jp user=root
May 5 20:51:39 server sshd(pam_unix)[16088]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59-106-25-60.r-bl100.sakura.ne.jp user=root
May 5 20:51:44 server sshd(pam_unix)[16144]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59-106-25-60.r-bl100.sakura.ne.jp user=root
May 5 20:51:49 server sshd(pam_unix)[16164]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59-106-25-60.r-bl100.sakura.ne.jp user=root
May 5 20:51:53 server sshd(pam_unix)[16183]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59-106-25-60.r-bl100.sakura.ne.jp user=root
May 5 20:51:58 server sshd(pam_unix)[16199]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59-106-25-60.r-bl100.sakura.ne.jp user=root
May 5 20:52:03 server sshd(pam_unix)[16219]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59-106-25-60.r-bl100.sakura.ne.jp user=root (continue reading…)

1 Comment :, , more...

register globals pavojus

by neworld on Rgp.13, 2007, under php, Programavimas, Sagumas

Šiandien parašysių apie šitą pavojų. Kas tai galite pažiūrėti čia: http://www.php.net/register_globals

Iš pažiūros tai gal ir patogus dalykas, tačiau patariu niekam nenaudoti jo. Juolab jog ateities php versijos šio palaikymo neturės. Panagrinėsiu du pavojingus atvejus ir būda kaip tai ištaisyti. (continue reading…)

18 Comments more...

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!

Blogroll

A few highly recommended websites...

Archives

All entries, chronologically...