我想知道是否有我的服务器上的安全漏洞。 我正在预览/ var / log / messages文件,我一直在收到很多日志,然后发送一些关于“networking不可达解决”的消息。 这是我在消息文件中的最后一个条目的示例。 我正在运行Centos 5.1。
Sep 24 10:03:23 ip-184-168-116-73 pure-ftpd: ([email protected]) [INFO] New connection from 127.0.0.1 Sep 24 10:03:23 ip-184-168-116-73 pure-ftpd: ([email protected]) [INFO] __cpanel__service__auth__ftpd__mYPM6aAnC9051nEC0nS9vPMkaMz34VyA0HXbDApw_0Xan5OW3K9uqnlSAk98PzAq is now logged in Sep 24 10:03:23 ip-184-168-116-73 pure-ftpd: (__cpanel__service__auth__ftpd__mYPM6aAnC9051nEC0nS9vPMkaMz34VyA0HXbDApw_0Xan5OW3K9uqnlSAk98PzAq@127.0.0.1) [INFO] Logout. Sep 24 10:08:23 ip-184-168-116-73 pure-ftpd: ([email protected]) [INFO] New connection from 127.0.0.1 Sep 24 10:08:24 ip-184-168-116-73 pure-ftpd: ([email protected]) [INFO] __cpanel__service__auth__ftpd__qUTJ2NFXeRRKXGjXVbjLQn2upJdGRaSGGSMDQna8wsEINYCTOrWUzxqiJp8rUT0S is now logged in Sep 24 10:08:24 ip-184-168-116-73 pure-ftpd: (__cpanel__service__auth__ftpd__qUTJ2NFXeRRKXGjXVbjLQn2upJdGRaSGGSMDQna8wsEINYCTOrWUzxqiJp8rUT0S@127.0.0.1) [INFO] Logout. Sep 24 10:09:19 ip-184-168-116-73 named[1502]: network unreachable resolving 'ns1.expired.r01.ru/A/IN': 2001:678:17:0:193:232:128:6#53 Sep 24 10:09:19 ip-184-168-116-73 named[1502]: network unreachable resolving 'ns2.expired.r01.ru/A/IN': 2001:678:17:0:193:232:128:6#53 Sep 24 10:09:19 ip-184-168-116-73 named[1502]: network unreachable resolving 'ns1.expired.r01.ru/AAAA/IN': 2001:678:17:0:193:232:128:6#53 Sep 24 10:09:19 ip-184-168-116-73 named[1502]: network unreachable resolving 'ns2.expired.r01.ru/AAAA/IN': 2001:678:17:0:193:232:128:6#53 Sep 24 10:09:19 ip-184-168-116-73 named[1502]: unexpected RCODE (SERVFAIL) resolving 'ns1.internet-spb.ru/A/IN': 109.70.26.37#53 Sep 24 10:09:19 ip-184-168-116-73 named[1502]: unexpected RCODE (SERVFAIL) resolving 'ns2.internet-spb.ru/A/IN': 109.70.26.37#53 Sep 24 10:09:19 ip-184-168-116-73 named[1502]: unexpected RCODE (SERVFAIL) resolving 'ns2.internet-spb.ru/AAAA/IN': 109.70.26.37#53 Sep 24 10:09:19 ip-184-168-116-73 named[1502]: unexpected RCODE (SERVFAIL) resolving 'ns1.internet-spb.ru/AAAA/IN': 109.70.26.37#53 Sep 24 10:09:19 ip-184-168-116-73 named[1502]: unexpected RCODE (SERVFAIL) resolving 'ns2.internet-spb.ru/A/IN': 194.85.61.76#53 Sep 24 10:09:19 ip-184-168-116-73 named[1502]: unexpected RCODE (SERVFAIL) resolving 'ns2.internet-spb.ru/AAAA/IN': 194.85.61.76#53 Sep 24 10:09:19 ip-184-168-116-73 named[1502]: unexpected RCODE (SERVFAIL) resolving 'ns1.internet-spb.ru/A/IN': 194.85.61.76#53 Sep 24 10:09:19 ip-184-168-116-73 named[1502]: unexpected RCODE (SERVFAIL) resolving 'ns1.internet-spb.ru/AAAA/IN': 194.85.61.76#53 Sep 24 10:12:11 ip-184-168-116-73 named[1502]: network unreachable resolving 'ns3.rnc.ro/A/IN': 2001:500:2e::1#53 Sep 24 10:13:25 ip-184-168-116-73 pure-ftpd: ([email protected]) [INFO] New connection from 127.0.0.1 Sep 24 10:13:25 ip-184-168-116-73 pure-ftpd: ([email protected]) [INFO] __cpanel__service__auth__ftpd__s4ls4qxg3HrWFYi6ICTo0SJvgbJU6DSbALi95PAgNGK2rHENueFdmzXwkXY7GjMj is now logged in Sep 24 10:13:25 ip-184-168-116-73 pure-ftpd: (__cpanel__service__auth__ftpd__s4ls4qxg3HrWFYi6ICTo0SJvgbJU6DSbALi95PAgNGK2rHENueFdmzXwkXY7GjMj@127.0.0.1) [INFO] Logout. Sep 24 10:16:15 ip-184-168-116-73 named[1502]: client 199.180.114.183#36635: query (cache) 'cpsc.gov/ANY/IN' denied 如果这是一个黑客,那么我需要更改哪些设置以确保更高的安全性?
谢谢你,上帝保佑<> <
看起来像(a)您的IPv6configuration可能正在发生,(b)某些东西正在击中您的盒子(通常是垃圾邮件),导致DNS查找垃圾邮件/不存在的域导致失败。
没有足够的信息来确定您是否被入侵。 但是请记住,EL5现在只能获得维护更新。因此在这一点上,您可能需要考虑EL7
另外,Centos 5目前在5.11版本,所以如果你真的在5.1上面提出的build议,你可能想要解决的很快