到今天为止,服务器已经连续运行了105天,希望还能继续维持。
Archive | Maintain
最近访问主机时常中断
不知道这几天怎么回事,在一天的某个时间段突然就会连接超时,已经连接上的SSH和FTP都会突然中断,有时候重启一下光猫会突然能够访问,但是过了一会再访问就超时了,有时候重启光猫也不行,通过MTR发现202节点丢包达到80%-90%,有时候甚至达到100%。差点以为又要换IP了,但是在中断几个小时之后,就又会恢复正常。
SSH无法登陆
今天突然SSH无法登陆了VPS了,因为前几天刚改了SSH的默认port,所以猜测可能是端口的问题,只能想试试登陆lish将port再次改回22,然后登陆上lish连接上VPS后发现同样因为端口问题无法连接上,只能重启系统,终于通过lish连接上了VPS,把SSH端口改回22后终于能连上了。
fail2ban日志分析
最近更新了bail2ban的策略,改为了永久禁止访问,今天查看了一下日志,结果发现有一个网段的ip地址频繁出现
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 |
2015-02-13 18:08:57,207 fail2ban.actions: WARNING [ssh] Ban 103.41.124.33 2015-02-13 18:09:16,248 fail2ban.actions: WARNING [ssh] Ban 103.41.124.16 2015-02-13 19:00:02,999 fail2ban.actions: WARNING [ssh] Ban 103.41.124.27 2015-02-13 19:16:27,926 fail2ban.actions: WARNING [ssh] Ban 103.41.124.35 2015-02-13 20:00:40,905 fail2ban.actions: WARNING [ssh] Ban 103.41.124.34 2015-02-13 20:00:44,936 fail2ban.actions: WARNING [ssh] Ban 103.41.124.100 2015-02-13 21:06:59,809 fail2ban.actions: WARNING [ssh] Ban 103.41.124.50 2015-02-13 21:16:57,486 fail2ban.actions: WARNING [ssh] Ban 103.41.124.43 2015-02-13 21:58:26,833 fail2ban.actions: WARNING [ssh] Ban 103.41.124.41 2015-02-13 22:49:11,007 fail2ban.actions: WARNING [ssh] Ban 103.41.124.32 2015-02-13 23:04:09,953 fail2ban.actions: WARNING [ssh] Ban 103.41.124.45 2015-02-13 23:48:15,939 fail2ban.actions: WARNING [ssh] Ban 103.41.124.31 2015-02-14 01:09:43,018 fail2ban.actions: WARNING [ssh] Ban 103.41.124.25 2015-02-14 01:10:19,081 fail2ban.actions: WARNING [ssh] Ban 103.41.124.59 2015-02-14 02:01:26,588 fail2ban.actions: WARNING [ssh] Ban 103.41.124.15 2015-02-14 02:17:38,680 fail2ban.actions: WARNING [ssh] Ban 103.41.124.55 2015-02-14 03:02:33,731 fail2ban.actions: WARNING [ssh] Ban 103.41.124.39 2015-02-14 04:04:54,910 fail2ban.actions: WARNING [ssh] Ban 103.41.124.101 2015-02-14 04:12:04,420 fail2ban.actions: WARNING [ssh] Ban 103.41.124.30 2015-02-14 04:57:14,321 fail2ban.actions: WARNING [ssh] Ban 103.41.124.19 2015-02-14 06:06:29,596 fail2ban.actions: WARNING [ssh] Ban 103.41.124.40 2015-02-14 06:48:14,308 fail2ban.actions: WARNING [ssh] Ban 103.41.124.61 2015-02-14 06:48:14,331 fail2ban.actions: WARNING [ssh] Ban 103.41.124.53 2015-02-14 07:57:25,026 fail2ban.actions: WARNING [ssh] Ban 103.41.124.20 2015-02-14 08:44:33,402 fail2ban.actions: WARNING [ssh] Ban 103.41.124.48 2015-02-14 09:48:18,648 fail2ban.actions: WARNING [ssh] Ban 103.41.124.28 2015-02-14 10:30:31,395 fail2ban.actions: WARNING [ssh] Ban 103.41.124.63 2015-02-14 12:34:26,457 fail2ban.actions: WARNING [ssh] Ban 103.41.124.111 2015-02-14 13:18:15,364 fail2ban.actions: WARNING [ssh] Ban 103.41.124.64 2015-02-14 14:16:19,407 fail2ban.actions: WARNING [ssh] Ban 103.41.124.46 2015-02-14 15:14:35,912 fail2ban.actions: WARNING [ssh] Ban 103.41.124.22 2015-02-14 15:29:50,005 fail2ban.actions: WARNING [ssh] Ban 103.41.124.42 2015-02-14 16:16:53,012 fail2ban.actions: WARNING [ssh] Ban 103.41.124.17 2015-02-14 17:09:27,315 fail2ban.actions: WARNING [ssh] Ban 103.41.124.102 |
于是去Google搜索了一下,发现这个ip段在blocklist.de上已经有很多被fail2ban禁止的记录了,估计是一个专门穷举破解SSH密码的组织。想想自动换ip这招实在很厉害,fan2ban对这类自动更换ip地址的暴力破解完全是无解的,如果能够自动屏蔽网段就好了。
使用W3 Total Cache插件优化前后对比
在使用了Memcache作为W3 Total Cache的缓存引擎之后,页面的加载时间对比