{"id":338,"date":"2009-07-19T22:17:22","date_gmt":"2009-07-19T21:17:22","guid":{"rendered":"http:\/\/kerwien.homeip.net\/wordpress\/?p=338"},"modified":"2009-07-20T00:26:50","modified_gmt":"2009-07-19T23:26:50","slug":"massiva-intrangsforsok-sshsftp-nere","status":"publish","type":"post","link":"https:\/\/blog.kerwien.se\/?p=338","title":{"rendered":"Massiva intr\u00e5ngsf\u00f6rs\u00f6k =&gt; ssh\/sftp nere"},"content":{"rendered":"<p>Efter en massa konstigt strul med mina tv\u00e5 Netgear switchar s\u00e5 kollade jag i loggar m.m. f\u00f6r att se om n\u00e5got skumt intr\u00e4ffat. Det enda jag kunde se \u00e4r en massa intr\u00e5ngsf\u00f6rs\u00f6k som inte blockas av fail2ban (Support MrMag?). Innan detta \u00e4r fixat \/ utr\u00e4tt s\u00e5 har jag st\u00e4ng port 22 i brandv\u00e4ggen. Detta inneb\u00e4r att t.ex. \u00e5tkomst via sftp \u00e4r nere.<\/p>\n<p><strong>Edit:<\/strong> Efter att ha lagt till ett regexp i fail2ban som ser ut s\u00e5 h\u00e4r:<\/p>\n<p><!-- \t\t@page { margin: 2cm } \t\tP { margin-bottom: 0.21cm } --><\/p>\n<p style=\"margin-bottom: 0cm\">User .* from &lt;HOST&gt; not allowed because none of user&#8217;s groups are listed in AllowGroups$<\/p>\n<p style=\"margin-bottom: 0cm\">Hoppas jag kunna blocka alla som f\u00f6rs\u00f6ker logga in med users som inte \u00e4r med i r\u00e4tt grupper. Jag har d\u00e4rmed \u00f6ppnat port 22 igen. Jag \u00f6kar ocks\u00e5 tiden som man blir bannad fr\u00e5n 10 min till 30 min.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Efter en massa konstigt strul med mina tv\u00e5 Netgear switchar s\u00e5 kollade jag i loggar m.m. f\u00f6r att se om n\u00e5got skumt intr\u00e4ffat. Det enda jag kunde se \u00e4r en massa intr\u00e5ngsf\u00f6rs\u00f6k som inte blockas av fail2ban (Support MrMag?). Innan detta \u00e4r fixat \/ utr\u00e4tt s\u00e5 har jag st\u00e4ng port 22 i brandv\u00e4ggen. Detta inneb\u00e4r att t.ex. \u00e5tkomst via sftp \u00e4r nere. Edit: Efter att ha lagt till ett regexp&hellip;<\/p>\n","protected":false},"author":5,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-338","post","type-post","status-publish","format-standard","hentry","category-server-status"],"gutentor_comment":0,"_links":{"self":[{"href":"https:\/\/blog.kerwien.se\/index.php?rest_route=\/wp\/v2\/posts\/338","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.kerwien.se\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.kerwien.se\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.kerwien.se\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.kerwien.se\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=338"}],"version-history":[{"count":5,"href":"https:\/\/blog.kerwien.se\/index.php?rest_route=\/wp\/v2\/posts\/338\/revisions"}],"predecessor-version":[{"id":343,"href":"https:\/\/blog.kerwien.se\/index.php?rest_route=\/wp\/v2\/posts\/338\/revisions\/343"}],"wp:attachment":[{"href":"https:\/\/blog.kerwien.se\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=338"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.kerwien.se\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=338"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.kerwien.se\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=338"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}