浙江成肉鸡窝了？

V2EX = way to explore

V2EX 是一个关于分享和探索的地方

现在注册

已注册用户请登录

这是一个创建于 3565 天前的主题，其中的信息可能已经有所发展或是发生改变。

昨晚刚撸了一台韩国的vps，firewall-cmd 加了两条规则，开了一个服务以及一个端口
结果，今天过来一看

[root@v2k ~]# lastb | awk '{print $3}' | sort | uniq -c | sort -n | sed '1,2d'
153 218.2.0.135
257 8.254.73.28
362 115.239.228.7
615 182.100.67.112
617 183.136.216.4
1201 115.239.228.15
1266 115.231.222.45
1429 115.231.222.176
1580 115.239.228.4
1655 115.239.228.12
1749 183.136.216.3
1997 115.239.228.9
2639 115.239.228.6
2650 115.239.228.11
2805 115.230.126.151
3067 115.239.228.35
3076 115.231.218.130
3083 115.239.228.16
3225 115.239.228.14
3261 182.100.67.114
3364 115.231.223.170
3513 115.239.228.13
4398 115.231.218.131
4672 115.239.228.34

嗯，全部浙江的 ip，何必呢，人家是限密码登录的，真想一口气将这些ip全部封了

root@v2k

sort

肉鸡

30 条回复 • 2015-02-04 20:11:20 +08:00

bellchu

2015-02-04 10:01:14 +08:00

我昨天新开的一个服务器，只准备做个nginx的cache，还没上线。
收获这么多IP
REJECT all -- 103.41.124.40 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 103.41.124.33 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 103.41.124.56 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 61.174.49.106 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 103.41.124.45 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 50.63.185.226 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 103.41.124.61 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 103.41.124.16 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 182.100.67.115 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 103.41.124.50 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 103.41.124.111 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 62.210.113.184 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 58.218.213.249 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 103.41.124.18 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 220.191.204.238 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 103.41.124.32 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 103.41.124.104 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 103.41.124.26 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 218.65.30.107 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 103.41.124.25 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 103.41.124.21 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 103.41.124.58 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 103.41.124.30 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 103.41.124.102 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 103.41.124.39 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 103.41.124.31 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 103.41.124.103 0.0.0.0/0 reject-with icmp-port-unreachable

xiaozhizhu1997

2015-02-04 10:14:54 +08:00 via Android

星光互联那家么。。。
我有个OAH尼玛被世界各地甚至非洲的IP光顾啊…

bellchu

2015-02-04 10:16:56 +08:00

@xiaozhizhu1997 有做黄站的潜质

lonelygo

2015-02-04 10:17:26 +08:00

不稀奇，看看这个：
Illegal users from:
undef: 45 times
50.20.209.110: 1 time
66.186.252.60 (dslsubs15-60.eatel.net): 1 time
72.205.202.108 (wsip-72-205-202-108.no.no.cox.net): 1 time
87.106.242.123 (s15347945.onlinehome-server.info): 39 times
103.249.205.246: 1 time
107.4.7.193 (c-107-4-7-193.hsd1.nm.comcast.net): 1 time
112.78.3.196 (vps3d196-static.vdrs.net): 2 times
115.238.55.163: 7 times
124.158.215.84: 1 time
149.129.21.126: 1 time
149.129.28.76: 1 time
149.129.41.27: 1 time
184.75.119.243 (rrcs-184-75-119-243.nyc.biz.rr.com): 1 time
184.183.167.206 (wsip-184-183-167-206.sd.sd.cox.net): 1 time
195.238.181.159 (159.181.238.195.in-addr.arpa): 1 time
200.84.139.203 (200.84.139-203.dyn.dsl.cantv.net): 1 time
202.147.196.234 (ip-196-234.infokom.net): 1 time
204.45.127.10: 13 times
206.192.242.146 (dhcp242.146.minetfiber.net): 1 time

Havee

2015-02-04 10:20:26 +08:00

@lonelygo
@xiaozhizhu1997
@bellchu
刚写个脚本，1分钟超过10次的，统统 reject，扔计划任务里去了

bellchu

2015-02-04 10:41:10 +08:00

@Havee 我是一分钟超过一次非法直接reject 24H

lonelygo

2015-02-04 11:10:18 +08:00

@Havee @bellchu 你们好狠，你们考虑过肉鸡的感受么？

Imivan

2015-02-04 11:13:44 +08:00 via Android

哪里有肉鸡卖。

sxd1988

2015-02-04 11:46:02 +08:00

如果开SSH的22端口，也是有若干的温州IP一直在尝试登陆

kiritoalex

2015-02-04 12:10:08 +08:00 via iPhone

真想做一个honeypot看看到底是哪种攻击……

zachgenius

2015-02-04 12:13:54 +08:00

昨天拉了一下lastb，我靠

root ssh:notty 222.186.21.100 Tue Feb 3 01:12 - 01:12 (00:00)
root ssh:notty 222.186.21.100 Tue Feb 3 01:12 - 01:12 (00:00)
root ssh:notty 222.186.21.100 Tue Feb 3 01:12 - 01:12 (00:00)
root ssh:notty 222.186.21.100 Tue Feb 3 01:12 - 01:12 (00:00)
root ssh:notty 222.186.21.100 Tue Feb 3 01:12 - 01:12 (00:00)
root ssh:notty 222.186.21.100 Tue Feb 3 01:12 - 01:12 (00:00)
root ssh:notty 222.186.21.100 Tue Feb 3 01:12 - 01:12 (00:00)
root ssh:notty 222.186.21.100 Tue Feb 3 01:11 - 01:11 (00:00)
root ssh:notty 222.186.21.100 Tue Feb 3 01:11 - 01:11 (00:00)
root ssh:notty 222.186.21.100 Tue Feb 3 01:11 - 01:11 (00:00)
root ssh:notty 222.186.21.100 Tue Feb 3 01:11 - 01:11 (00:00)
root ssh:notty 222.186.21.100 Tue Feb 3 01:11 - 01:11 (00:00)
root ssh:notty 222.186.21.100 Tue Feb 3 01:11 - 01:11 (00:00)
root ssh:notty 222.186.21.100 Tue Feb 3 01:11 - 01:11 (00:00)
root ssh:notty 222.186.21.100 Tue Feb 3 01:11 - 01:11 (00:00)
root ssh:notty 222.186.21.100 Tue Feb 3 01:11 - 01:11 (00:00)
root ssh:notty 222.186.21.100 Tue Feb 3 01:11 - 01:11 (00:00)
root ssh:notty 222.186.21.100 Tue Feb 3 01:11 - 01:11 (00:00)
root ssh:notty 222.186.21.100 Tue Feb 3 01:11 - 01:11 (00:00)
root ssh:notty 222.186.21.100 Tue Feb 3 01:11 - 01:11 (00:00)
root ssh:notty 222.186.21.100 Tue Feb 3 01:11 - 01:11 (00:00)
root ssh:notty 222.186.21.100 Tue Feb 3 01:11 - 01:11 (00:00)
root ssh:notty 222.186.21.100 Tue Feb 3 01:11 - 01:11 (00:00)
root ssh:notty 222.186.21.100 Tue Feb 3 01:11 - 01:11 (00:00)
root ssh:notty 222.186.21.100 Tue Feb 3 01:11 - 01:11 (00:00)
...
root ssh:notty 222.186.21.100 Tue Feb 3 01:01 - 01:01 (00:00)
root ssh:notty 222.186.21.100 Tue Feb 3 01:01 - 01:01 (00:00)
root ssh:notty 222.186.21.100 Tue Feb 3 01:01 - 01:01 (00:00)
root ssh:notty 222.186.21.100 Tue Feb 3 01:01 - 01:01 (00:00)
prueba ssh:notty 71-82-151-208.dh Mon Feb 2 23:57 - 23:57 (00:00)
prueba ssh:notty 71-82-151-208.dh Mon Feb 2 23:57 - 23:57 (00:00)
postgres ssh:notty 71-82-151-208.dh Mon Feb 2 20:46 - 20:46 (00:00)
postgres ssh:notty 71-82-151-208.dh Mon Feb 2 20:46 - 20:46 (00:00)
support ssh:notty 187.111.5.130 Mon Feb 2 20:14 - 20:14 (00:00)
support ssh:notty 187.111.5.130 Mon Feb 2 20:14 - 20:14 (00:00)
postfix ssh:notty 71-82-151-208.dh Mon Feb 2 17:34 - 17:34 (00:00)
student ssh:notty 187.111.5.130 Mon Feb 2 17:01 - 17:01 (00:00)
student ssh:notty 187.111.5.130 Mon Feb 2 17:01 - 17:01 (00:00)
office ssh:notty 71-82-151-208.dh Mon Feb 2 11:32 - 11:32 (00:00)
office ssh:notty 71-82-151-208.dh Mon Feb 2 11:32 - 11:32 (00:00)
natalia ssh:notty 71-82-151-208.dh Mon Feb 2 08:21 - 08:21 (00:00)
natalia ssh:notty 71-82-151-208.dh Mon Feb 2 08:21 - 08:21 (00:00)
......

感觉全是江苏镇江的用脚本在跑。。。而且我的几个服务器发现这种批量的不良登陆的行为就发生从1月到现在。。。还有这帮尝试用Natalia啊什么student啊还有用dick尝试登陆的。。。

vex911

2015-02-04 12:20:25 +08:00

那个不是肉鸡吧，是阿里云服务器的IP。

cevincheung

2015-02-04 12:23:59 +08:00

xbmc ssh:notty Wed Feb 4 06:56 - 06:56 (00:00) ip-50-63-185-226.ip.secureserver.net
xbian ssh:notty Wed Feb 4 06:54 - 06:54 (00:00) ip-50-63-185-226.ip.secureserver.net
vyatta ssh:notty Wed Feb 4 06:52 - 06:52 (00:00) ip-50-63-185-226.ip.secureserver.net
ubnt ssh:notty Wed Feb 4 06:50 - 06:50 (00:00) ip-50-63-185-226.ip.secureserver.net
ts3srv ssh:notty Wed Feb 4 06:48 - 06:48 (00:00) ip-50-63-185-226.ip.secureserver.net
ts3 ssh:notty Wed Feb 4 06:46 - 06:46 (00:00) ip-50-63-185-226.ip.secureserver.net
ts ssh:notty Wed Feb 4 06:44 - 06:44 (00:00) ip-50-63-185-226.ip.secureserver.net
test ssh:notty Wed Feb 4 06:42 - 06:42 (00:00) ip-50-63-185-226.ip.secureserver.net
teamspea ssh:notty Wed Feb 4 06:40 - 06:40 (00:00) ip-50-63-185-226.ip.secureserver.net
support ssh:notty Wed Feb 4 06:38 - 06:38 (00:00) ip-50-63-185-226.ip.secureserver.net
smtp ssh:notty Wed Feb 4 06:34 - 06:34 (00:00) ip-50-63-185-226.ip.secureserver.net
send ssh:notty Wed Feb 4 06:32 - 06:32 (00:00) ip-50-63-185-226.ip.secureserver.net
sebastia ssh:notty Wed Feb 4 06:29 - 06:29 (00:00) ip-50-63-185-226.ip.secureserver.net
sales ssh:notty Wed Feb 4 06:27 - 06:27 (00:00) ip-50-63-185-226.ip.secureserver.net
postgres ssh:notty Wed Feb 4 05:57 - 05:57 (00:00) ip-50-63-185-226.ip.secureserver.net
pi ssh:notty Wed Feb 4 05:55 - 05:55 (00:00) ip-50-63-185-226.ip.secureserver.net
oracle ssh:notty Wed Feb 4 05:53 - 05:53 (00:00) ip-50-63-185-226.ip.secureserver.net
nagios ssh:notty Wed Feb 4 05:51 - 05:51 (00:00) ip-50-63-185-226.ip.secureserver.net
log ssh:notty Wed Feb 4 05:47 - 05:47 (00:00) ip-50-63-185-226.ip.secureserver.net
karaf ssh:notty Wed Feb 4 05:45 - 05:45 (00:00) ip-50-63-185-226.ip.secureserver.net
jack ssh:notty Wed Feb 4 05:43 - 05:43 (00:00) ip-50-63-185-226.ip.secureserver.net
info ssh:notty Wed Feb 4 05:41 - 05:41 (00:00) ip-50-63-185-226.ip.secureserver.net
guest ssh:notty Wed Feb 4 05:39 - 05:39 (00:00) ip-50-63-185-226.ip.secureserver.net
ftp ssh:notty Wed Feb 4 05:34 - 05:34 (00:00) ip-50-63-185-226.ip.secureserver.net
dreamer ssh:notty Wed Feb 4 05:32 - 05:32 (00:00) ip-50-63-185-226.ip.secureserver.net
default ssh:notty Wed Feb 4 05:30 - 05:30 (00:00) ip-50-63-185-226.ip.secureserver.net
debug ssh:notty Wed Feb 4 05:28 - 05:28 (00:00) ip-50-63-185-226.ip.secureserver.net
david ssh:notty Wed Feb 4 05:26 - 05:26 (00:00) ip-50-63-185-226.ip.secureserver.net
cisco ssh:notty Wed Feb 4 05:24 - 05:24 (00:00) ip-50-63-185-226.ip.secureserver.net
christia ssh:notty Wed Feb 4 05:21 - 05:21 (00:00) ip-50-63-185-226.ip.secureserver.net
bob ssh:notty Wed Feb 4 05:19 - 05:19 (00:00) ip-50-63-185-226.ip.secureserver.net
arbab ssh:notty Wed Feb 4 05:15 - 05:15 (00:00) ip-50-63-185-226.ip.secureserver.net
alex ssh:notty Wed Feb 4 05:13 - 05:13 (00:00) ip-50-63-185-226.ip.secureserver.net
administ ssh:notty Wed Feb 4 05:11 - 05:11 (00:00) ip-50-63-185-226.ip.secureserver.net
admin ssh:notty Wed Feb 4 05:09 - 05:09 (00:00) ip-50-63-185-226.ip.secureserver.net
admin ssh:notty Wed Feb 4 05:07 - 05:07 (00:00) ip-50-63-185-226.ip.secureserver.net
admin ssh:notty Wed Feb 4 05:04 - 05:04 (00:00) ip-50-63-185-226.ip.secureserver.net
aaron ssh:notty Wed Feb 4 05:01 - 05:01 (00:00) ip-50-63-185-226.ip.secureserver.net
PlcmSpIp ssh:notty Wed Feb 4 04:58 - 04:58 (00:00) ip-50-63-185-226.ip.secureserver.net
xbmc ssh:notty Wed Feb 4 02:34 - 02:34 (00:00) 220.191.204.238
xbian ssh:notty Wed Feb 4 02:30 - 02:30 (00:00) 220.191.204.238
vyatta ssh:notty Wed Feb 4 02:26 - 02:26 (00:00) 220.191.204.238
ubnt ssh:notty Wed Feb 4 02:22 - 02:22 (00:00) 220.191.204.238
ts3srv ssh:notty Wed Feb 4 02:18 - 02:18 (00:00) 220.191.204.238
ts3 ssh:notty Wed Feb 4 02:14 - 02:14 (00:00) 220.191.204.238
ts ssh:notty Wed Feb 4 02:10 - 02:10 (00:00) 220.191.204.238
test ssh:notty Wed Feb 4 02:06 - 02:06 (00:00) 220.191.204.238
support ssh:notty Wed Feb 4 01:59 - 01:59 (00:00) 220.191.204.238
postgres ssh:notty Wed Feb 4 01:01 - 01:01 (00:00) 220.191.204.238
pi ssh:notty Wed Feb 4 00:58 - 00:58 (00:00) 220.191.204.238
oracle ssh:notty Wed Feb 4 00:54 - 00:54 (00:00) 220.191.204.238
log ssh:notty Wed Feb 4 00:42 - 00:42 (00:00) 220.191.204.238
karaf ssh:notty Wed Feb 4 00:38 - 00:38 (00:00) 220.191.204.238
jack ssh:notty Wed Feb 4 00:34 - 00:34 (00:00) 220.191.204.238
info ssh:notty Wed Feb 4 00:30 - 00:30 (00:00) 220.191.204.238
guest ssh:notty Wed Feb 4 00:26 - 00:26 (00:00) 220.191.204.238
ftp ssh:notty Wed Feb 4 00:18 - 00:18 (00:00) 220.191.204.238
dreamer ssh:notty Wed Feb 4 00:14 - 00:14 (00:00) 220.191.204.238
default ssh:notty Wed Feb 4 00:10 - 00:10 (00:00) 220.191.204.238
debug ssh:notty Wed Feb 4 00:06 - 00:06 (00:00) 220.191.204.238
david ssh:notty Wed Feb 4 00:03 - 00:03 (00:00) 220.191.204.238
cisco ssh:notty Tue Feb 3 23:59 - 23:59 (00:00) 220.191.204.238
christia ssh:notty Tue Feb 3 23:55 - 23:55 (00:00) 220.191.204.238
bob ssh:notty Tue Feb 3 23:51 - 23:51 (00:00) 220.191.204.238
arbab ssh:notty Tue Feb 3 23:43 - 23:43 (00:00) 220.191.204.238
alex ssh:notty Tue Feb 3 23:39 - 23:39 (00:00) 220.191.204.238
administ ssh:notty Tue Feb 3 23:35 - 23:35 (00:00) 220.191.204.238
admin ssh:notty Tue Feb 3 23:31 - 23:31 (00:00) 220.191.204.238
admin ssh:notty Tue Feb 3 23:27 - 23:27 (00:00) 220.191.204.238
admin ssh:notty Tue Feb 3 23:23 - 23:23 (00:00) 220.191.204.238
aaron ssh:notty Tue Feb 3 23:19 - 23:19 (00:00) 220.191.204.238
PlcmSpIp ssh:notty Tue Feb 3 23:15 - 23:15 (00:00) 220.191.204.238
shoutcas ssh:notty Tue Feb 3 22:18 - 22:18 (00:00) 114.80.101.44
shoutcas ssh:notty Tue Feb 3 22:18 - 22:18 (00:00) 114.80.101.44
www ssh:notty Tue Feb 3 22:18 - 22:18 (00:00) 114.80.101.44
www ssh:notty Tue Feb 3 22:18 - 22:18 (00:00) 114.80.101.44
www ssh:notty Tue Feb 3 22:18 - 22:18 (00:00) 114.80.101.44
jedi ssh:notty Tue Feb 3 22:18 - 22:18 (00:00) 114.80.101.44
jedi ssh:notty Tue Feb 3 22:18 - 22:18 (00:00) 114.80.101.44
albert ssh:notty Tue Feb 3 22:18 - 22:18 (00:00) 114.80.101.44
albert ssh:notty Tue Feb 3 22:18 - 22:18 (00:00) 114.80.101.44
melissa ssh:notty Tue Feb 3 22:18 - 22:18 (00:00) 114.80.101.44
melissa ssh:notty Tue Feb 3 22:18 - 22:18 (00:00) 114.80.101.44
matrix ssh:notty Tue Feb 3 22:18 - 22:18 (00:00) 114.80.101.44
matrix ssh:notty Tue Feb 3 22:18 - 22:18 (00:00) 114.80.101.44
matrix ssh:notty Tue Feb 3 22:18 - 22:18 (00:00) 114.80.101.44
matrix ssh:notty Tue Feb 3 22:18 - 22:18 (00:00) 114.80.101.44
matrix ssh:notty Tue Feb 3 22:18 - 22:18 (00:00) 114.80.101.44
sybase ssh:notty Tue Feb 3 22:18 - 22:18 (00:00) 114.80.101.44
sybase ssh:notty Tue Feb 3 22:18 - 22:18 (00:00) 114.80.101.44
demo ssh:notty Tue Feb 3 22:18 - 22:18 (00:00) 114.80.101.44
demo ssh:notty Tue Feb 3 22:18 - 22:18 (00:00) 114.80.101.44
demo ssh:notty Tue Feb 3 22:18 - 22:18 (00:00) 114.80.101.44
demo ssh:notty Tue Feb 3 22:18 - 22:18 (00:00) 114.80.101.44
demo ssh:notty Tue Feb 3 22:18 - 22:18 (00:00) 114.80.101.44
hadoop ssh:notty Tue Feb 3 22:18 - 22:18 (00:00) 114.80.101.44
hadoop ssh:notty Tue Feb 3 22:18 - 22:18 (00:00) 114.80.101.44
hadoop ssh:notty Tue Feb 3 22:18 - 22:18 (00:00) 114.80.101.44
hadoop ssh:notty Tue Feb 3 22:18 - 22:18 (00:00) 114.80.101.44
hadoop ssh:notty Tue Feb 3 22:18 - 22:18 (00:00) 114.80.101.44
oracle ssh:notty Tue Feb 3 22:17 - 22:17 (00:00) 114.80.101.44
user3 ssh:notty Tue Feb 3 22:17 - 22:17 (00:00) 114.80.101.44
user2 ssh:notty Tue Feb 3 22:17 - 22:17 (00:00) 114.80.101.44
user1 ssh:notty Tue Feb 3 22:17 - 22:17 (00:00) 114.80.101.44
user03 ssh:notty Tue Feb 3 22:17 - 22:17 (00:00) 114.80.101.44
user02 ssh:notty Tue Feb 3 22:16 - 22:16 (00:00) 114.80.101.44
user3 ssh:notty Tue Feb 3 22:16 - 22:16 (00:00) 114.80.101.44
user2 ssh:notty Tue Feb 3 22:16 - 22:16 (00:00) 114.80.101.44
user01 ssh:notty Tue Feb 3 22:16 - 22:16 (00:00) 114.80.101.44
user1 ssh:notty Tue Feb 3 22:16 - 22:16 (00:00) 114.80.101.44
ubuntu ssh:notty Tue Feb 3 22:16 - 22:16 (00:00) 114.80.101.44
postgres ssh:notty Tue Feb 3 22:16 - 22:16 (00:00) 114.80.101.44
suporte ssh:notty Tue Feb 3 22:16 - 22:16 (00:00) 114.80.101.44
student ssh:notty Tue Feb 3 22:16 - 22:16 (00:00) 114.80.101.44
student ssh:notty Tue Feb 3 22:16 - 22:16 (00:00) 114.80.101.44
suporte ssh:notty Tue Feb 3 22:16 - 22:16 (00:00) 114.80.101.44
postgres ssh:notty Tue Feb 3 22:16 - 22:16 (00:00) 114.80.101.44
nagios ssh:notty Tue Feb 3 22:16 - 22:16 (00:00) 114.80.101.44

jasontse

2015-02-04 12:32:25 +08:00 via iPad

还有福建也是鸡窝

codegear

2015-02-04 12:41:23 +08:00

一看吓一跳
国外有泰国、韩国
国内有成都、绍兴、镇江

一天5w次，要吃不消了

lingo

2015-02-04 12:46:10 +08:00

@bellchu 我的跟你的差不多，103.41.124.*这个范围的特别多。。。

hjc4869

2015-02-04 12:56:51 +08:00

fail2ban不好用？

fashioncj

2015-02-04 13:35:49 +08:00

@lingo 同意。。我的也是~

fashioncj

2015-02-04 13:39:01 +08:00

ssh简直爆炸
![sinaimg](

)

bellchu

2015-02-04 13:50:49 +08:00

@lingo 貌似是香港的IP。以前没这么多SSH尝试的，就去年开始，只要是在亚太的服务器，我基本每天都能收获很多。北美的服务器都是OpenVPN的尝试。

dongge

2015-02-04 13:55:05 +08:00 via Android

@vex911 头像。。。。。

lingo233

2015-02-04 14:59:51 +08:00

我这边比你们好一点只有一个兰州ip比较多来了624次

abcbit

2015-02-04 15:16:21 +08:00 via iPhone

鎮江的服務器一個月才200多，不掃你掃誰？

chunchu

2015-02-04 15:54:59 +08:00

3 173-164-76-202-o
7 218.65.30.73
7 62-210-211-45.re
10 194.58.88.86
12 222.161.4.148
24 74.118.195.210
25 117.21.225.137
30 46.227.188.23
32 195-154-169-120.
90 ms012.moonshot.f
120 222.92.213.131