( FeriX | 2023. 05. 06., szo – 07:31 )

"Ha már forráskód free, akkor legyen a tudás is az."

Köszi.

Csak ajánlásként, a védelem miatt, mert ha megneszelik a rossz fiúk, hogy ez egy levelező szerver, akkor sokkal nagyobb támadásnak lesz kitéve a szerver, mint mellette egy IP szám eltéréssel egy webszerver.

Igaz nem valós idejű védelmet nyújt, hanem a log-ok alapján blokkol IP számokat, de így is drasztikusan lecsökkenti a szervert érő támadások számát. Ez a fail2ban.

Látom, hogy MySQL-t használsz, és képes ebben is tárolni, így könnyű lekérdezhetővé tenni, hogy kik és honnan támadják a szervert. Csak keress rá "fail2ban mysql" és jön a telepítési útmutató olyan formában mint a Te doksid. Hasznos kis segéd.

Egy hónapja az iráni támadások nagyon durvák, kivonat az adatbázisból:

ip,ports,hostname,country
46.148.40.140,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
46.148.40.164,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
46.148.40.156,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
46.148.40.13,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
46.148.40.149,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
147.78.103.228,"80,443,25,587,465,110,995,143,993,4190",mail,"US, United States"
46.148.40.161,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
46.148.40.162,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
46.148.40.189,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
46.148.40.143,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
46.148.40.49,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
46.148.40.192,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
46.148.40.150,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
87.121.221.41,"80,443,25,587,465,110,995,143,993,4190",mail,"BG, Bulgaria"
46.148.40.146,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
46.148.40.185,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
46.148.40.154,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
46.148.40.152,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
46.148.40.94,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
61.59.4.18,22,mail,"TW, Taiwan"
46.148.40.193,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
46.148.40.157,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
46.148.40.147,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
103.163.215.12,22,mail,""
46.148.40.160,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
46.148.40.195,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
46.148.40.155,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
46.148.40.141,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
46.148.40.136,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
46.148.40.107,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
46.148.40.148,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
46.148.40.130,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
46.148.40.58,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
43.138.185.104,22,mail,"JP, Japan"
46.148.40.190,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
46.148.40.135,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"
46.148.40.197,"80,443,25,587,465,110,995,143,993,4190",mail,"IR, Iran, Islamic Republic of"