我刚刚注意到我的 ubuntu 服务器 22.04 中大量随机请求被 UFW 阻止
9:34 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=193.254.3.18 DST=[MY_SERVER_LOCAL_IP] LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=56991 DF PROTO=TCP SPT=53380 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0 kernel
9:34 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=66.175.220.229 DST=[MY_SERVER_LOCAL_IP] LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=30851 PROTO=TCP SPT=51982 DPT=7707 WINDOW=1024 RES=0x00 SYN URGP=0 kernel
9:34 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=66.175.220.229 DST=[MY_SERVER_LOCAL_IP] LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=45967 PROTO=TCP SPT=51982 DPT=7382 WINDOW=1024 RES=0x00 SYN URGP=0 kernel
9:33 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=198.235.24.92 DST=[MY_SERVER_LOCAL_IP] LEN=44 TOS=0x00 PREC=0x60 TTL=250 ID=54321 PROTO=TCP SPT=50707 DPT=20000 WINDOW=65535 RES=0x00 SYN URGP=0 kernel
9:33 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=167.94.138.138 DST=[MY_SERVER_LOCAL_IP] LEN=44 TOS=0x00 PREC=0x00 TTL=43 ID=28554 PROTO=TCP SPT=40419 DPT=1200 WINDOW=1024 RES=0x00 SYN URGP=0 kernel
9:33 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=27.121.102.61 DST=[MY_SERVER_LOCAL_IP] LEN=52 TOS=0x02 PREC=0x00 TTL=118 ID=7739 DF PROTO=TCP SPT=51796 DPT=3306 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0 kernel
9:32 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=94.102.61.35 DST=[MY_SERVER_LOCAL_IP] LEN=166 TOS=0x00 PREC=0x00 TTL=247 ID=54321 PROTO=UDP SPT=42600 DPT=49155 LEN=146 kernel
9:32 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=65.49.1.74 DST=[MY_SERVER_LOCAL_IP] LEN=29 TOS=0x00 PREC=0x00 TTL=56 ID=55861 DF PROTO=UDP SPT=47489 DPT=19 LEN=9 kernel
9:32 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=146.88.241.199 DST=[MY_SERVER_LOCAL_IP] LEN=84 TOS=0x08 PREC=0x40 TTL=242 ID=54321 PROTO=UDP SPT=1701 DPT=1701 LEN=64 kernel
9:31 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=112.37.142.191 DST=[MY_SERVER_LOCAL_IP] LEN=32 TOS=0x00 PREC=0x00 TTL=46 ID=0 DF PROTO=UDP SPT=10758 DPT=123 LEN=12 kernel
9:31 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=14.225.67.147 DST=[MY_SERVER_LOCAL_IP] LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=60161 PROTO=TCP SPT=59527 DPT=51389 WINDOW=1024 RES=0x00 SYN URGP=0 kernel
9:31 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=173.230.140.35 DST=[MY_SERVER_LOCAL_IP] LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=25347 PROTO=TCP SPT=51934 DPT=5743 WINDOW=1024 RES=0x00 SYN URGP=0 kernel
9:30 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=35.203.211.190 DST=[MY_SERVER_LOCAL_IP] LEN=44 TOS=0x00 PREC=0x60 TTL=250 ID=54321 PROTO=TCP SPT=50268 DPT=9642 WINDOW=65535 RES=0x00 SYN URGP=0 kernel
9:30 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=220.126.92.34 DST=[MY_SERVER_LOCAL_IP] LEN=40 TOS=0x00 PREC=0x00 TTL=53 ID=6162 PROTO=TCP SPT=5460 DPT=37215 WINDOW=12660 RES=0x00 SYN URGP=0 kernel
9:30 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=162.142.125.254 DST=[MY_SERVER_LOCAL_IP] LEN=44 TOS=0x00 PREC=0x00 TTL=41 ID=65319 PROTO=TCP SPT=6973 DPT=7112 WINDOW=1024 RES=0x00 SYN URGP=0 kernel
9:29 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=222.110.11.183 DST=[MY_SERVER_LOCAL_IP] LEN=32 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF PROTO=UDP SPT=123 DPT=123 LEN=12 kernel
9:29 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=103.254.71.236 DST=[MY_SERVER_LOCAL_IP] LEN=40 TOS=0x00 PREC=0x00 TTL=235 ID=36298 PROTO=TCP SPT=56453 DPT=59206 WINDOW=1024 RES=0x00 SYN URGP=0 kernel
9:29 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=79.124.62.130 DST=[MY_SERVER_LOCAL_IP] LEN=40 TOS=0x00 PREC=0xE0 TTL=246 ID=1337 PROTO=TCP SPT=57174 DPT=50349 WINDOW=1024 RES=0x00 SYN URGP=0 kernel
9:28 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=162.216.150.7 DST=[MY_SERVER_LOCAL_IP] LEN=44 TOS=0x18 PREC=0xA0 TTL=59 ID=52322 PROTO=TCP SPT=52909 DPT=1023 WINDOW=1024 RES=0x00 SYN URGP=0 kernel
9:28 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=35.203.211.130 DST=[MY_SERVER_LOCAL_IP] LEN=44 TOS=0x18 PREC=0xA0 TTL=59 ID=51060 PROTO=TCP SPT=56494 DPT=14025 WINDOW=1024 RES=0x00 SYN URGP=0 kernel
9:28 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=125.142.6.219 DST=[MY_SERVER_LOCAL_IP] LEN=32 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF PROTO=UDP SPT=123 DPT=123 LEN=12 kernel
9:27 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=91.191.209.198 DST=[MY_SERVER_LOCAL_IP] LEN=40 TOS=0x00 PREC=0xE0 TTL=247 ID=53471 PROTO=TCP SPT=41936 DPT=3981 WINDOW=1024 RES=0x00 SYN URGP=0 kernel
9:27 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=167.94.138.138 DST=[MY_SERVER_LOCAL_IP] LEN=44 TOS=0x00 PREC=0x00 TTL=43 ID=13258 PROTO=TCP SPT=53397 DPT=102 WINDOW=1024 RES=0x00 SYN URGP=0 kernel
9:27 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=146.88.241.44 DST=[MY_SERVER_LOCAL_IP] LEN=53 TOS=0x08 PREC=0x40 TTL=242 ID=54321 PROTO=UDP SPT=43322 DPT=27017 LEN=33 kernel
9:26 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=5.252.195.36 DST=[MY_SERVER_LOCAL_IP] LEN=60 TOS=0x00 PREC=0xE0 TTL=56 ID=22080 DF PROTO=TCP SPT=46672 DPT=22 WINDOW=64240 RES=0x00 SYN URGP=0 kernel
9:26 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=45.128.232.212 DST=[MY_SERVER_LOCAL_IP] LEN=40 TOS=0x00 PREC=0xE0 TTL=247 ID=54321 PROTO=TCP SPT=38716 DPT=8080 WINDOW=65535 RES=0x00 SYN URGP=0 kernel
9:26 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=211.114.69.184 DST=[MY_SERVER_LOCAL_IP] LEN=40 TOS=0x00 PREC=0x00 TTL=54 ID=58836 PROTO=TCP SPT=16329 DPT=37215 WINDOW=4833 RES=0x00 SYN URGP=0 kernel
9:25 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=148.245.128.156 DST=[MY_SERVER_LOCAL_IP] LEN=60 TOS=0x08 PREC=0x20 TTL=44 ID=56354 DF PROTO=TCP SPT=42167 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0 kernel
9:25 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=107.170.254.26 DST=[MY_SERVER_LOCAL_IP] LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=54321 PROTO=TCP SPT=41797 DPT=53 WINDOW=65535 RES=0x00 SYN URGP=0 kernel
9:25 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=169.197.150.7 DST=[MY_SERVER_LOCAL_IP] LEN=514 TOS=0x08 PREC=0x20 TTL=51 ID=40048 DF PROTO=TCP SPT=443 DPT=55724 WINDOW=11 RES=0x00 ACK PSH FIN URGP=0 kernel
9:25 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=169.197.150.7 DST=[MY_SERVER_LOCAL_IP] LEN=142 TOS=0x08 PREC=0x20 TTL=51 ID=29710 DF PROTO=TCP SPT=443 DPT=55684 WINDOW=11 RES=0x00 ACK PSH FIN URGP=0 kernel
9:25 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=169.197.150.7 DST=[MY_SERVER_LOCAL_IP] LEN=514 TOS=0x08 PREC=0x20 TTL=51 ID=40047 DF PROTO=TCP SPT=443 DPT=55724 WINDOW=11 RES=0x00 ACK PSH FIN URGP=0 kernel
9:25 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=169.197.150.7 DST=[MY_SERVER_LOCAL_IP] LEN=142 TOS=0x08 PREC=0x20 TTL=51 ID=29709 DF PROTO=TCP SPT=443 DPT=55684 WINDOW=11 RES=0x00 ACK PSH FIN URGP=0 kernel
9:25 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=169.197.150.7 DST=[MY_SERVER_LOCAL_IP] LEN=103 TOS=0x08 PREC=0x20 TTL=51 ID=29708 DF PROTO=TCP SPT=443 DPT=55684 WINDOW=11 RES=0x00 ACK PSH FIN URGP=0 kernel
9:25 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=169.197.150.7 DST=[MY_SERVER_LOCAL_IP] LEN=514 TOS=0x08 PREC=0x20 TTL=51 ID=40042 DF PROTO=TCP SPT=443 DPT=55724 WINDOW=11 RES=0x00 ACK PSH URGP=0 kernel
9:24 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=103.147.13.154 DST=[MY_SERVER_LOCAL_IP] LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=2502 PROTO=TCP SPT=56556 DPT=58263 WINDOW=1024 RES=0x00 SYN URGP=0 kernel
9:24 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=91.92.246.221 DST=[MY_SERVER_LOCAL_IP] LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=54321 PROTO=TCP SPT=40648 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0 kernel
9:24 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=103.248.123.164 DST=[MY_SERVER_LOCAL_IP] LEN=52 TOS=0x00 PREC=0x00 TTL=119 ID=33488 DF PROTO=TCP SPT=62458 DPT=7680 WINDOW=64240 RES=0x00 SYN URGP=0 kernel
9:23 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=104.26.9.145 DST=[MY_SERVER_LOCAL_IP] LEN=40 TOS=0x00 PREC=0x00 TTL=58 ID=20558 DF PROTO=TCP SPT=443 DPT=58691 WINDOW=8 RES=0x00 ACK FIN URGP=0 kernel
9:23 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=50.116.18.173 DST=[MY_SERVER_LOCAL_IP] LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=44438 PROTO=TCP SPT=52052 DPT=8752 WINDOW=1024 RES=0x00 SYN URGP=0 kernel
9:23 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=218.159.32.73 DST=[MY_SERVER_LOCAL_IP] LEN=40 TOS=0x00 PREC=0x00 TTL=53 ID=840 PROTO=TCP SPT=52967 DPT=37215 WINDOW=41607 RES=0x00 SYN URGP=0 kernel
9:23 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=8.18.47.7 DST=[MY_SERVER_LOCAL_IP] LEN=142 TOS=0x08 PREC=0x20 TTL=51 ID=41799 DF PROTO=TCP SPT=443 DPT=4551 WINDOW=11 RES=0x00 ACK PSH FIN URGP=0 kernel
9:23 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=104.22.55.232 DST=[MY_SERVER_LOCAL_IP] LEN=79 TOS=0x00 PREC=0x00 TTL=58 ID=7223 DF PROTO=TCP SPT=443 DPT=57935 WINDOW=8 RES=0x00 ACK PSH FIN URGP=0 kernel
9:23 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=104.22.55.232 DST=[MY_SERVER_LOCAL_IP] LEN=79 TOS=0x00 PREC=0x00 TTL=58 ID=7222 DF PROTO=TCP SPT=443 DPT=57935 WINDOW=8 RES=0x00 ACK PSH FIN URGP=0 kernel
9:23 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=104.22.55.232 DST=[MY_SERVER_LOCAL_IP] LEN=40 TOS=0x00 PREC=0x00 TTL=58 ID=7221 DF PROTO=TCP SPT=443 DPT=57935 WINDOW=8 RES=0x00 ACK FIN URGP=0 kernel
9:23 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=104.22.55.232 DST=[MY_SERVER_LOCAL_IP] LEN=40 TOS=0x00 PREC=0x00 TTL=58 ID=7220 DF PROTO=TCP SPT=443 DPT=57935 WINDOW=8 RES=0x00 ACK FIN URGP=0 kernel
9:23 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=104.22.51.98 DST=[MY_SERVER_LOCAL_IP] LEN=79 TOS=0x00 PREC=0x00 TTL=58 ID=33630 DF PROTO=TCP SPT=443 DPT=4305 WINDOW=8 RES=0x00 ACK PSH FIN URGP=0 kernel
9:23 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=104.22.51.98 DST=[MY_SERVER_LOCAL_IP] LEN=79 TOS=0x00 PREC=0x00 TTL=58 ID=33629 DF PROTO=TCP SPT=443 DPT=4305 WINDOW=8 RES=0x00 ACK PSH FIN URGP=0 kernel
9:23 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=104.22.51.98 DST=[MY_SERVER_LOCAL_IP] LEN=40 TOS=0x00 PREC=0x00 TTL=58 ID=33628 DF PROTO=TCP SPT=443 DPT=4305 WINDOW=8 RES=0x00 ACK FIN URGP=0 kernel
9:23 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=104.22.51.98 DST=[MY_SERVER_LOCAL_IP] LEN=40 TOS=0x00 PREC=0x00 TTL=58 ID=33627 DF PROTO=TCP SPT=443 DPT=4305 WINDOW=8 RES=0x00 ACK FIN URGP=0 kernel
9:23 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=8.18.47.7 DST=[MY_SERVER_LOCAL_IP] LEN=142 TOS=0x08 PREC=0x20 TTL=51 ID=41798 DF PROTO=TCP SPT=443 DPT=4551 WINDOW=11 RES=0x00 ACK PSH FIN URGP=0 kernel
9:23 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=199.45.155.16 DST=[MY_SERVER_LOCAL_IP] LEN=60 TOS=0x00 PREC=0x00 TTL=55 ID=51357 DF PROTO=TCP SPT=55214 DPT=3306 WINDOW=42340 RES=0x00 SYN URGP=0 kernel
9:23 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=8.18.47.7 DST=[MY_SERVER_LOCAL_IP] LEN=142 TOS=0x08 PREC=0x20 TTL=51 ID=41797 DF PROTO=TCP SPT=443 DPT=4551 WINDOW=11 RES=0x00 ACK PSH FIN URGP=0 kernel
9:22 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=79.124.56.186 DST=[MY_SERVER_LOCAL_IP] LEN=44 TOS=0x00 PREC=0xE0 TTL=247 ID=63928 PROTO=TCP SPT=50255 DPT=7865 WINDOW=1025 RES=0x00 SYN URGP=0 kernel
9:22 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=79.124.56.186 DST=[MY_SERVER_LOCAL_IP] LEN=44 TOS=0x00 PREC=0xE0 TTL=247 ID=62166 PROTO=TCP SPT=50239 DPT=2665 WINDOW=1025 RES=0x00 SYN URGP=0 kernel
9:22 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=79.124.56.186 DST=[MY_SERVER_LOCAL_IP] LEN=44 TOS=0x00 PREC=0xE0 TTL=247 ID=62867 PROTO=TCP SPT=50239 DPT=9213 WINDOW=1025 RES=0x00 SYN URGP=0 kernel
9:21 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=15.235.196.36 DST=[MY_SERVER_LOCAL_IP] LEN=105 TOS=0x00 PREC=0x00 TTL=53 ID=29418 DF PROTO=UDP SPT=443 DPT=50852 LEN=85 kernel
9:21 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=172.233.142.191 DST=[MY_SERVER_LOCAL_IP] LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=40311 PROTO=TCP SPT=52062 DPT=9683 WINDOW=1024 RES=0x00 SYN URGP=0 kernel
9:21 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=71.6.146.186 DST=[MY_SERVER_LOCAL_IP] LEN=44 TOS=0x08 PREC=0x20 TTL=118 ID=8270 PROTO=TCP SPT=29011 DPT=5900 WINDOW=6847 RES=0x00 SYN URGP=0 kernel
当用谷歌搜索它时,发现该帖子提到仅来自同一 IP 的重复请求,但这些请求具有不同的 IP 和端口。
自过去几个月以来,我刚刚开始使用我的 Ubuntu 服务器 22.04,所以不太了解这里实际发生的情况。任何帮助将不胜感激。
- 这些来自随机机器人的请求是否会攻击我的服务器?
- 我的下一步应该是什么?
您的服务器似乎正在从各个 IP 地址接收大量连接尝试(主要是 SYN 数据包)。这可能表明随机机器人或自动扫描试图在您的服务器上查找开放端口或漏洞。
考虑安装 Fail2ban。Fail2Ban 扫描 /var/log/auth.log 等日志文件,并禁止进行过多失败登录尝试的 IP 地址。它通过更新系统防火墙规则以在可配置的时间内拒绝来自这些 IP 地址的新连接来实现此目的。Fail2Ban 开箱即用,可以读取许多标准日志文件,例如 sshd 和 Apache 的日志文件,并且可以轻松配置为读取您选择的任何日志文件,以应对您希望的任何错误。