真是TM的臭无聊 臭狗屎
Mon May8 09:06:39 2023 authpriv.warn dropbear: Login attempt for nonexistent userMon May8 09:06:40 2023 authpriv.info dropbear: Exit before auth from <134.122.74.24:37636>: Exited normally
Mon May8 09:07:38 2023 authpriv.info dropbear: Child connection from 195.226.194.142:23974
Mon May8 09:07:39 2023 authpriv.warn dropbear: Login attempt for nonexistent user
Mon May8 09:07:40 2023 authpriv.info dropbear: Exit before auth from <195.226.194.142:23974>: Disconnect received
Mon May8 09:08:43 2023 authpriv.info dropbear: Child connection from 134.122.74.24:43538
Mon May8 09:08:43 2023 authpriv.warn dropbear: Login attempt for nonexistent user
Mon May8 09:08:45 2023 authpriv.info dropbear: Exit before auth from <134.122.74.24:43538>: Exited normally
Mon May8 09:08:59 2023 authpriv.info dropbear: Child connection from 190.2.147.48:39500
Mon May8 09:09:01 2023 authpriv.warn dropbear: Bad password attempt for 'root' from 190.2.147.48:39500
Mon May8 09:09:01 2023 authpriv.info dropbear: Exit before auth from <190.2.147.48:39500>: (user 'root', 1 fails): Error reading: Connection reset by peer
Mon May8 09:10:46 2023 authpriv.info dropbear: Child connection from 134.122.74.24:44162
Mon May8 09:10:47 2023 authpriv.warn dropbear: Login attempt for nonexistent user
Mon May8 09:10:48 2023 authpriv.info dropbear: Exit before auth from <134.122.74.24:44162>: Exited normally
Mon May8 09:12:50 2023 authpriv.info dropbear: Child connection from 134.122.74.24:51358
Mon May8 09:12:52 2023 authpriv.warn dropbear: Login attempt for nonexistent user
Mon May8 09:12:53 2023 authpriv.info dropbear: Exit before auth from <134.122.74.24:51358>: Exited normally
Mon May8 09:13:36 2023 authpriv.info dropbear: Child connection from 193.105.134.95:61532
Mon May8 09:13:38 2023 authpriv.warn dropbear: Bad password attempt for 'root' from 193.105.134.95:61532
Mon May8 09:13:38 2023 authpriv.info dropbear: Exit before auth from <193.105.134.95:61532>: (user 'root', 1 fails): Error reading: Connection reset by peer
Mon May8 09:14:50 2023 authpriv.info dropbear: Child connection from 134.122.74.24:47090
Mon May8 09:14:50 2023 authpriv.warn dropbear: Login attempt for nonexistent user
Mon May8 09:14:52 2023 authpriv.info dropbear: Exit before auth from <134.122.74.24:47090>: Exited normally
Mon May8 09:16:51 2023 authpriv.info dropbear: Child connection from 134.122.74.24:38860
Mon May8 09:16:52 2023 authpriv.warn dropbear: Login attempt for nonexistent user
Mon May8 09:16:53 2023 authpriv.info dropbear: Exit before auth from <134.122.74.24:38860>: Exited normally
Mon May8 09:17:19 2023 authpriv.info dropbear: Child connection from 89.39.105.84:41942
Mon May8 09:17:20 2023 authpriv.warn dropbear: Bad password attempt for 'root' from 89.39.105.84:41942
Mon May8 09:17:21 2023 authpriv.info dropbear: Exit before auth from <89.39.105.84:41942>: (user 'root', 1 fails): Error reading: Connection reset by peer
Mon May8 09:17:37 2023 authpriv.info dropbear: Child connection from 107.170.239.9:43134
Mon May8 09:17:48 2023 authpriv.info dropbear: Exit before auth from <107.170.239.9:43134>: Exited normally
Mon May8 09:18:53 2023 authpriv.info dropbear: Child connection from 134.122.74.24:54922
Mon May8 09:18:54 2023 authpriv.warn dropbear: Login attempt for nonexistent user
Mon May8 09:18:55 2023 authpriv.info dropbear: Exit before auth from <134.122.74.24:54922>: Exited normally
Mon May8 09:19:12 2023 authpriv.info dropbear: Child connection from 164.90.233.55:61000
Mon May8 09:19:12 2023 authpriv.info dropbear: Exit before auth from <164.90.233.55:61000>: Exited normally
Mon May8 09:19:31 2023 authpriv.info dropbear: Child connection from 62.112.11.68:29608
Mon May8 09:19:33 2023 authpriv.warn dropbear: Bad password attempt for 'root' from 62.112.11.68:29608
Mon May8 09:19:33 2023 authpriv.info dropbear: Exit before auth from <62.112.11.68:29608>: (user 'root', 1 fails): Error reading: Connection reset by peer
Mon May8 09:19:52 2023 authpriv.info dropbear: Child connection from 190.2.144.45:49990
Mon May8 09:19:59 2023 authpriv.warn dropbear: Bad password attempt for 'root' from 190.2.144.45:49990
Mon May8 09:20:00 2023 authpriv.info dropbear: Exit before auth from <190.2.144.45:49990>: (user 'root', 1 fails): Error reading: Connection reset by peer
Mon May8 09:20:54 2023 authpriv.info dropbear: Child connection from 134.122.74.24:43910
Mon May8 09:20:55 2023 authpriv.warn dropbear: Login attempt for nonexistent user
Mon May8 09:20:56 2023 authpriv.info dropbear: Exit before auth from <134.122.74.24:43910>: Exited normally
Mon May8 09:21:00 2023 user.info : luci: accepted login on / for root from 192.168.1.83
Mon May8 09:22:57 2023 authpriv.info dropbear: Child connection from 134.122.74.24:50900
Mon May8 09:22:58 2023 authpriv.warn dropbear: Login attempt for nonexistent user
Mon May8 09:22:59 2023 authpriv.info dropbear: Exit before auth from <134.122.74.24:50900>: Exited normally
Mon May8 09:24:57 2023 authpriv.info dropbear: Child connection from 134.122.74.24:57584
Mon May8 09:24:58 2023 authpriv.warn dropbear: Login attempt for nonexistent user
Mon May8 09:24:59 2023 authpriv.info dropbear: Exit before auth from <134.122.74.24:57584>: Exited normally
Mon May8 09:25:24 2023 authpriv.info dropbear: Child connection from 114.32.244.186:50021
Mon May8 09:25:25 2023 authpriv.warn dropbear: Login attempt for nonexistent user
Mon May8 09:25:28 2023 authpriv.info dropbear: Exit before auth from <114.32.244.186:50021>: Max auth tries reached - user 'is invalid'
Mon May8 09:25:54 2023 authpriv.info dropbear: Child connection from 109.236.89.72:59081
Mon May8 09:25:56 2023 authpriv.warn dropbear: Bad password attempt for 'root' from 109.236.89.72:59081
Mon May8 09:25:57 2023 authpriv.info dropbear: Exit before auth from <109.236.89.72:59081>: (user 'root', 1 fails): Error reading: Connection reset by peer
最无聊的是把我以前用的默认密码直接把我的网心云docker改成它自己的
看不懂是留后门了吗? 看不懂,暴力破解了root密码?还是开ssh不安全?
2063952 发表于 2023-5-8 10:04
看不懂是留后门了吗?
不知道用的 iStoreOS 固件 华茂春松 发表于 2023-5-8 13:25
看不懂,暴力破解了root密码?还是开ssh不安全?
一直尝试用ssh的22端口用各种密码登陆 关了SSH一天了没有这种日志了 q865945646 发表于 2023-5-8 19:43 static/image/common/back.gif
一直尝试用ssh的22端口用各种密码登陆 关了SSH一天了没有这种日志了
很常见吧,把设备挂到网上被扫撞库很正常。我的平时把ssh都关了。那些高危端口也封住
只要开放出去就会被扫,都是bot在扫。得上防ddos的 XanaduNWH 发表于 2023-5-8 21:08 static/image/common/back.gif
只要开放出去就会被扫,都是bot在扫。得上防ddos的
对,什么流量清洗,防火墙,入侵防御,web应用防护都来一套
页:
[1]