服务器 Gind.cn
  1. 服务器 Gind.cn
  3. 什么是EC2的IP范围
Intereting Posts
使用pf转发IP地址 501 HELO没有反向DNS名称 CentOS取代PHP开发机器? nf_conntrack.acct究竟做了什么? 如何以编程方式只将特定的nginx服务器块设置为维护模式 Dovecot + AD不工作 用Windows 2003服务器和Windows 7客户机build立一个实验室 问题:Ubuntu服务器死了。 我可以从备份访问/ var / lib / mysql文件…如何让他们备份在另一台机器上? 使用TACACS +validationLinux sshd(Cisco ACS) Azure:给“网站”(而不是一个虚拟主机)一个公共IP 使用netcat与CIFS / SMB传输速率测量networking吞吐量 PHP文件不能被nginx中的fastcgiparsing 你怎么看清ps -u $ user的过程数据? 主机重启后iscsi无法正常工作 在Windows SBS SP2下查看连接的SCSI设备

什么是EC2的IP范围

我想设置一个阻止来自EC2的ssh请求的规则,因为我已经看到大量基于ssh的攻击,并且想知道是否有人知道他们的IP范围是什么。

编辑:谢谢你的答案,我继续执行iptables规则如下。 我暂时忽略所有的stream量。 logging它只是为了看看这些规则是否正常工作,以及EC2发送多less废话的统计信息;) 

#EC2 Blacklist $IPTBLS -A INPUT -s 67.202.0.0/18 -j LOG --log-prefix "<firewall> EC2 traffic " $IPTBLS -A INPUT -s 67.202.0.0/18 -j DROP $IPTBLS -A INPUT -s 72.44.32.0/19 -j LOG --log-prefix "<firewall> EC2 traffic " $IPTBLS -A INPUT -s 72.44.32.0/19 -j DROP $IPTBLS -A INPUT -s 75.101.128.0/17 -j LOG --log-prefix "<firewall> EC2 traffic " $IPTBLS -A INPUT -s 75.101.128.0/17 -j DROP $IPTBLS -A INPUT -s 174.129.0.0/16 -j LOG --log-prefix "<firewall> EC2 traffic " $IPTBLS -A INPUT -s 174.129.0.0/16 -j DROP $IPTBLS -A INPUT -s 204.236.192.0/18 -j LOG --log-prefix "<firewall> EC2 traffic " $IPTBLS -A INPUT -s 204.236.192.0/18 -j DROP $IPTBLS -A INPUT -s 204.236.224.0/19 -j LOG --log-prefix "<firewall> EC2 traffic " $IPTBLS -A INPUT -s 204.236.224.0/19 -j DROP $IPTBLS -A INPUT -s 79.125.0.0/17 -j LOG --log-prefix "<firewall> EC2 traffic " $IPTBLS -A INPUT -s 79.125.0.0/17 -j DROP

你可以在这里find更新列表: https : //forums.aws.amazon.com/ann.jspa?annID=1701

+1什么gekkz说。 另外我会build议安装fail2ban,以帮助保存系统资源比字典攻击更重要的事情。

按照https://forums.aws.amazon.com/ann.jspa?annID=1252 

 US East (Northern Virginia): 72.44.32.0/19 (72.44.32.0 - 72.44.63.255) 67.202.0.0/18 (67.202.0.0 - 67.202.63.255) 75.101.128.0/17 (75.101.128.0 - 75.101.255.255) 174.129.0.0/16 (174.129.0.0 - 174.129.255.255) 204.236.192.0/18 (204.236.192.0 - 204.236.255.255) 184.73.0.0/16 (184.73.0.0 – 184.73.255.255) 184.72.128.0/17 (184.72.128.0 - 184.72.255.255) 184.72.64.0/18 (184.72.64.0 - 184.72.127.255) 50.16.0.0/15 (50.16.0.0 - 50.17.255.255) 50.19.0.0/16 (50.19.0.0 - 50.19.255.255) 107.20.0.0/15 (107.20.0.0 - 107.21.255.255) 107.22.0.0/16 (107.22.0.0 - 107.22.255.255) 23.20.0.0/14 (23.20.0.0 – 23.23.255.255) NEW US West (Oregon): 50.112.0.0/16 (50.112.0.0 - 50.112.255.255) US West (Northern California): 204.236.128.0/18 (204.236.128.0 - 204.236.191.255) 184.72.0.0/18 (184.72.0.0 – 184.72.63.255) 50.18.0.0/16 (50.18.0.0 - 50.18.255.255) 184.169.128.0/17 (184.160.128.0 - 184.169.255.255) NEW EU (Ireland): 79.125.0.0/17 (79.125.0.0 - 79.125.127.255) 46.51.128.0/18 (46.51.128.0 - 46.51.191.255) 46.51.192.0/20 (46.51.192.0 - 46.51.207.255) 46.137.0.0/17 (46.137.0.0 - 46.137.127.255) 46.137.128.0/18 (46.137.128.0 - 46.137.191.255) 176.34.128.0/17 (176.34.128.0 - 176.34.255.255) 176.34.64.0/18 (176.34.64.0 – 176.34.127.255) NEW Asia Pacific (Singapore) 175.41.128.0/18 (175.41.128.0 - 175.41.191.255) 122.248.192.0/18 (122.248.192.0 - 122.248.255.255) 46.137.192.0/18 (46.137.192.0 - 46.137.255.255) 46.51.216.0/21 (46.51.216.0 - 46.51.223.255) Asia Pacific (Tokyo) 175.41.192.0/18 (175.41.192.0 - 175.41.255.255) 46.51.224.0/19 (46.51.224.0 - 46.51.255.255) 176.32.64.0/19 (176.32.64.0 - 176.32.95.255) 103.4.8.0/21 (103.4.8.0 - 103.4.15.255) 176.34.0.0/18 (176.34.0.0 - 176.34.63.255) NEW South America (Sao Paulo) 177.71.128.0/17 (177.71.128.0 - 177.71.255.255) NEW