Today, I was shocked to view the SSH logon records of VPS. I used to log on to the SSH dictionary with several IP addresses and guess the root password. Their list is now published:
62.75.214.93 gera125.server4you.de German/German devils
203.215.252.189 Hong Kong Special Administrative Region/speechless ....
219.143.200.169 Beijing Telecom/is still doing bad things in the Party Central Committee ....
60.12.193.134 Zhejiang Huzhou Netcom/
C953dc2c.20.a.com.br 201.83.220.44 Brazil/you are the most ....
Several of them have also set up the Nginx environment and have no website.
/Etc/hosts. allow and/etc/hosts. deny files are used to control remote access settings. They allow or deny users of an ip address or ip segment to access a service in linux.
If the requested host name or IP address is not included in/etc/hosts. allow, The tcpd process checks/etc/hosts. deny. Check whether the requested host name or IP address is included in the hosts. deny file. If it is included, the access is denied. If it is neither included in/etc/hosts. allow nor included in/etc/hosts. deny, the access is also allowed.
<Daemon list >:< client list> [: <option >:< option >:......]
Daemon list service process name list, for example, telnet service process name in. telnetd
Client list the list of access control clients. You can write domain names, host names, or network segments, such as .trubolinux.com.cn or 192.168.1.
Option is optional. It can be a command or a specified log file.
Example: hosts. allow
In. telnetd: .vpser.net
Vsftpd: 192.168.0.
Sshd: 192.168.0.0/255.255.255.0
In/etc/hosts. allow, the first line of vpser.net indicates that only the hosts in the vpser.net domain are allowed to access the TELNET service. Pay attention to the point (.) before vpser.net (.).
The second line in/etc/hosts. allow indicates that only users of the network segment 192.168.0 are allowed to access the FTP service. Pay attention to the point (.) After 0 (.).
The third line in/etc/hosts. allow indicates that only users in the network segment 192.168.0 are allowed to access the SSH service. Note that the value cannot be 192.168.0.0/24. Although the two CISCO routers are equivalent.
Add the following in/etc/hosts. deny:
Sshd: 62.75.214.93
Sshd: 203.215.252.189
Sshd: 219.143.200.169
Sshd: 60.12.193.134
Sshd: 201.83.220.44
Sshd: c953dc2c.20.a.com.br
Sshd: gera125.server4you.de
All of their access to SSH is rejected, and the GFW in Linux is also very strong.