Добрый день!
Недавно заметил такое чудо в
/var/log/secureFeb 12 16:33:10 *** sshd[30516]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.174.22.182
Feb 12 16:33:10 *** sshd[30516]: pam_succeed_if(sshd:auth): error retrieving information about user admin
Feb 12 16:33:12 *** sshd[30516]: Failed password for invalid user admin from 220.174.22.182 port 43984 ssh2
Feb 12 16:33:13 *** sshd[30517]: Connection closed by 220.174.22.182
Feb 12 17:10:35 *** sshd[30977]: Invalid user test from 79.143.39.164
Feb 12 17:10:35 *** sshd[30978]: input_userauth_request: invalid user test
Feb 12 17:10:35 *** sshd[30977]: pam_unix(sshd:auth): check pass; user unknown
Feb 12 17:10:35 *** sshd[30977]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=nonstop.vn.ua
Feb 12 17:10:35 *** sshd[30977]: pam_succeed_if(sshd:auth): error retrieving information about user test
Feb 12 17:10:37 *** sshd[30977]: Failed password for invalid user test from 79.143.39.164 port 38192 ssh2
Feb 12 17:10:37 *** sshd[30978]: Received disconnect from 79.143.39.164: 11: Bye Bye
Feb 12 17:10:37 *** sshd[30981]: Invalid user oracle from 79.143.39.164
Feb 12 17:10:37 *** sshd[30982]: input_userauth_request: invalid user oracle
Feb 12 17:10:37 *** sshd[30981]: pam_unix(sshd:auth): check pass; user unknown
Feb 12 17:10:37 *** sshd[30981]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=nonstop.vn.ua
Feb 12 17:10:37 *** sshd[30981]: pam_succeed_if(sshd:auth): error retrieving information about user oracle
Feb 12 17:10:40 *** sshd[30981]: Failed password for invalid user oracle from 79.143.39.164 port 38505 ssh2
Feb 12 17:10:40 *** sshd[30982]: Received disconnect from 79.143.39.164: 11: Bye Bye
Feb 12 17:10:40 *** sshd[30983]: Invalid user guest from 79.143.39.164
Feb 12 17:10:40 *** sshd[30984]: input_userauth_request: invalid user guest
Feb 12 17:10:40 *** sshd[30983]: pam_unix(sshd:auth): check pass; user unknown
Feb 12 17:10:40 *** sshd[30983]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=nonstop.vn.ua
Feb 12 17:10:40 *** sshd[30983]: pam_succeed_if(sshd:auth): error retrieving information about user guest
Feb 12 17:10:42 *** sshd[30983]: Failed password for invalid user guest from 79.143.39.164 port 38925 ssh2
Feb 12 17:10:42 *** sshd[30984]: Received disconnect from 79.143.39.164: 11: Bye Bye
Feb 12 17:10:42 *** sshd[30985]: Invalid user user from 79.143.39.164
Feb 12 17:10:42 *** sshd[30986]: input_userauth_request: invalid user user
Feb 12 17:10:42 *** sshd[30985]: pam_unix(sshd:auth): check pass; user unknown
Feb 12 17:10:42 *** sshd[30985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=nonstop.vn.ua
Feb 12 17:10:42 *** sshd[30985]: pam_succeed_if(sshd:auth): error retrieving information about user user
Feb 12 17:10:44 *** sshd[30985]: Failed password for invalid user user from 79.143.39.164 port 39234 ssh2
Feb 12 17:10:44 *** sshd[30986]: Received disconnect from 79.143.39.164: 11: Bye Bye
Feb 12 17:10:45 *** sshd[30987]: Invalid user info from 79.143.39.164
наскольео я понимаю, это какой-то чудак пытается подобрать доступ по бруту. Как можно отсекать таких умельцев?
P.S. я не очень хороший админ, поэтому буду благодарен за развернутый ответ