作者 主題: 有人一直在測試我們公司的帳號,不知道有什麼方法可以阻擋(拜託各位大大幫幫忙)  (閱讀 4329 次)

0 會員 與 1 訪客 正在閱讀本文。

gamekb

  • 可愛的小學生
  • *
  • 文章數: 5
    • 檢視個人資料
各位大大想請問一下以下是我們家的MAILLOG,有人一直在測試我們公司的帳號,不知道有什麼方法可以阻擋
除了IPTABLES還有什麼方法

OS:fedora 6 MAILserver:postfix

比如:他測試十次就直接擋掉


Aug 26 15:57:45  postfix/smtpd[20580]: warning: unknown[113.128.149.118]: SASL LOGIN authentication failed: authentication failure
Aug 26 15:57:46  postfix/smtpd[20784]: warning: unknown[113.128.149.118]: SASL LOGIN authentication failed: authentication failure
Aug 26 15:57:46  postfix/smtpd[20582]: warning: unknown[113.128.149.118]: SASL LOGIN authentication failed: authentication failure
Aug 26 15:57:47  postfix/smtpd[20700]: warning: unknown[113.128.149.118]: SASL LOGIN authentication failed: authentication failure
Aug 26 15:57:47  postfix/smtpd[20301]: warning: unknown[113.128.149.118]: SASL LOGIN authentication failed: authentication failure
Aug 26 15:57:48  postfix/smtpd[20919]: warning: unknown[113.128.149.118]: SASL LOGIN authentication failed: authentication failure
Aug 26 15:57:48  postfix/smtpd[20990]: warning: unknown[113.128.149.118]: SASL LOGIN authentication failed: authentication failure
Aug 26 15:57:49  postfix/smtpd[20785]: warning: unknown[113.128.149.118]: SASL LOGIN authentication failed: authentication failure
Aug 26 15:57:49  postfix/smtpd[20783]: warning: unknown[113.128.149.118]: SASL LOGIN authentication failed: authentication failure
Aug 26 16:00:06  postfix/smtpd[21086]: warning: unknown[113.128.149.118]: SASL LOGIN authentication failed: authentication failure
Aug 26 16:00:06  postfix/smtpd[21088]: warning: unknown[113.128.149.118]: SASL LOGIN authentication failed: authentication failure
Aug 26 16:00:06  postfix/smtpd[21091]: warning: unknown[113.128.149.118]: SASL LOGIN authentication failed: authentication failure
Aug 26 16:00:06  postfix/smtpd[21090]: warning: unknown[113.128.149.118]: SASL LOGIN authentication failed: authentication failure
Aug 26 16:00:06  postfix/smtpd[20990]: warning: unknown[113.128.149.118]: SASL LOGIN authentication failed: authentication failure
Aug 26 16:00:07  postfix/smtpd[21092]: warning: unknown[113.128.149.118]: SASL LOGIN authentication failed: authentication failure
Aug 26 16:00:07  postfix/smtpd[21093]: warning: unknown[113.128.149.118]: SASL LOGIN authentication failed: authentication failure
Aug 26 16:00:07  postfix/smtpd[21094]: warning: unknown[113.128.149.118]: SASL LOGIN authentication failed: authentication failure
Aug 26 16:00:12  postfix/smtpd[21089]: warning: unknown[113.128.149.118]: SASL LOGIN authentication failed: authentication failure
« 上次編輯: 2009-08-27 15:53 由 gamekb »

sclin2k

  • 懷疑的國中生
  • **
  • 文章數: 73
    • 檢視個人資料
GOOGLE 搜尋一下 fail2ban 這個軟體,網路上有介紹可以擋這一類的攻擊(SSH、POSTFIX、FTP、SASL)。

hikohan

  • 俺是博士!
  • *****
  • 文章數: 1288
    • 檢視個人資料
lifeIsFunWithPHP.

anderson1127

  • 訪客
對岸的IP address ...

不然就大Block鎖掉算了( 113.128.0.0 - 113.129.255.255)

TyroneYeh

  • 俺是博士!
  • *****
  • 文章數: 2396
  • 性別: 男
    • 檢視個人資料
--
TyroneYeh

Drsin

  • 懷疑的國中生
  • **
  • 文章數: 88
    • 檢視個人資料
這裡也有http://i-yow.blogspot.com/search/label/Linux%E5%9F%BA%E7%A4%8E
沒記錯的話是我們這裡的學長的BLG覺得上面很多資訊可以用~我也常常在上面混~哈