查看登录日志
$ last -f /var/log/wtmp
查看�安全日志
$ cat /var/log/secure
Bad protocol version identification 'GET / HTTP/1.0' from 107.182.184.18 port 59428
Did not receive identification string from 107.182.184.18
Bad protocol version identification 'GET / HTTP/1.0' from 107.182.184.18 port 38416
Did not receive identification string from 107.182.184.18
Bad protocol version identification 'GET / HTTP/1.0' from 107.182.184.18 port 50051
Did not receive identification string from 107.182.184.18
Bad protocol version identification 'GET / HTTP/1.0' from 107.182.184.18 port 36287
Did not receive identification string from 107.182.184.18
Bad protocol version identification 'GET / HTTP/1.0' from 107.182.184.18 port 55816
可以看到107.182.184.18
这个ip一直在攻击服务器
封ip
执行之前看一个是不是自己的ip,千万不要把自己的ip给封了_
// 封ip
$ iptables -I INPUT -s 107.182.184.18 -j DROP
// 解封
$ iptables -D INPUT -s 107.182.184.18 -j DROP
// 查看规则
$ iptables -L -n
禁用ping
// 禁用ping
$ echo 1 >/proc/sys/net/ipv4/icmp_echo_ignore_all
// 允许ping
$ echo 0 >/proc/sys/net/ipv4/icmp_echo_ignore_all
网友评论