기본 포트 사용 주의!!!!!!!

Posted at 2011. 6. 9. 16:41 | Posted in Server
공부용으로 쓰려고 집에다가 데스크탑 한대 박아놓고 이것저것 깔아서 서버로 쓰고 있습니다.

그러던 어느날 우분투에 깔려있던 proftpd 로그를 보니까 아주 그냥....

May 09 12:56:22 nerv.kr proftpd[20723] nerv.kr (::ffff:121.22.24.61[::ffff:121.22.24.61]): FTP session opened.
May 09 12:56:22 nerv.kr proftpd[20723] nerv.kr (::ffff:121.22.24.61[::ffff:121.22.24.61]): USER access: no such user found from ::ffff:121.22.24.61 [::ffff:121.22.24.61] to ::ffff:220.86.83.16:21
May 09 12:56:23 nerv.kr proftpd[20723] nerv.kr (::ffff:121.22.24.61[::ffff:121.22.24.61]): USER access: no such user found from ::ffff:121.22.24.61 [::ffff:121.22.24.61] to ::ffff:220.86.83.16:21
May 09 12:56:24 nerv.kr proftpd[20723] nerv.kr (::ffff:121.22.24.61[::ffff:121.22.24.61]): USER access: no such user found from ::ffff:121.22.24.61 [::ffff:121.22.24.61] to ::ffff:220.86.83.16:21
May 09 12:56:24 nerv.kr proftpd[20723] nerv.kr (::ffff:121.22.24.61[::ffff:121.22.24.61]): Maximum login attempts (3) exceeded, connection refused
May 09 12:56:24 nerv.kr proftpd[20723] nerv.kr (::ffff:121.22.24.61[::ffff:121.22.24.61]): FTP session closed.
May 09 12:56:24 nerv.kr proftpd[20724] nerv.kr (::ffff:121.22.24.61[::ffff:121.22.24.61]): FTP session opened.
May 09 12:56:24 nerv.kr proftpd[20724] nerv.kr (::ffff:121.22.24.61[::ffff:121.22.24.61]): USER account: no such user found from ::ffff:121.22.24.61 [::ffff:121.22.24.61] to ::ffff:220.86.83.16:21
May 09 12:56:25 nerv.kr proftpd[20724] nerv.kr (::ffff:121.22.24.61[::ffff:121.22.24.61]): USER account: no such user found from ::ffff:121.22.24.61 [::ffff:121.22.24.61] to ::ffff:220.86.83.16:21
May 09 12:56:26 nerv.kr proftpd[20724] nerv.kr (::ffff:121.22.24.61[::ffff:121.22.24.61]): USER account: no such user found from ::ffff:121.22.24.61 [::ffff:121.22.24.61] to ::ffff:220.86.83.16:21
May 09 12:56:26 nerv.kr proftpd[20724] nerv.kr (::ffff:121.22.24.61[::ffff:121.22.24.61]): Maximum login attempts (3) exceeded, connection refused
May 09 12:56:26 nerv.kr proftpd[20724] nerv.kr (::ffff:121.22.24.61[::ffff:121.22.24.61]): FTP session closed.
May 09 12:56:26 nerv.kr proftpd[20725] nerv.kr (::ffff:121.22.24.61[::ffff:121.22.24.61]): FTP session opened.
May 09 12:56:26 nerv.kr proftpd[20725] nerv.kr (::ffff:121.22.24.61[::ffff:121.22.24.61]): USER accounts: no such user found from ::ffff:121.22.24.61 [::ffff:121.22.24.61] to ::ffff:220.86.83.16:21
May 09 12:56:27 nerv.kr proftpd[20725] nerv.kr (::ffff:121.22.24.61[::ffff:121.22.24.61]): USER accounts: no such user found from ::ffff:121.22.24.61 [::ffff:121.22.24.61] to ::ffff:220.86.83.16:21
May 09 12:56:27 nerv.kr proftpd[20725] nerv.kr (::ffff:121.22.24.61[::ffff:121.22.24.61]): USER accounts: no such user found from ::ffff:121.22.24.61 [::ffff:121.22.24.61] to ::ffff:220.86.83.16:21
May 09 12:56:27 nerv.kr proftpd[20725] nerv.kr (::ffff:121.22.24.61[::ffff:121.22.24.61]): Maximum login attempts (3) exceeded, connection refused
May 09 12:56:27 nerv.kr proftpd[20725] nerv.kr (::ffff:121.22.24.61[::ffff:121.22.24.61]): FTP session closed.
May 09 12:56:27 nerv.kr proftpd[20726] nerv.kr (::ffff:121.22.24.61[::ffff:121.22.24.61]): FTP session opened.
May 09 12:56:28 nerv.kr proftpd[20726] nerv.kr (::ffff:121.22.24.61[::ffff:121.22.24.61]): USER adam: no such user found from ::ffff:121.22.24.61 [::ffff:121.22.24.61] to ::ffff:220.86.83.16:21
May 09 12:56:29 nerv.kr proftpd[20726] nerv.kr (::ffff:121.22.24.61[::ffff:121.22.24.61]): USER adam: no such user found from ::ffff:121.22.24.61 [::ffff:121.22.24.61] to ::ffff:220.86.83.16:21
May 09 12:56:29 nerv.kr proftpd[20726] nerv.kr (::ffff:121.22.24.61[::ffff:121.22.24.61]): USER adam: no such user found from ::ffff:121.22.24.61 [::ffff:121.22.24.61] to ::ffff:220.86.83.16:21
May 09 12:56:29 nerv.kr proftpd[20726] nerv.kr (::ffff:121.22.24.61[::ffff:121.22.24.61]): Maximum login attempts (3) exceeded, connection refused
May 09 12:56:29 nerv.kr proftpd[20726] nerv.kr (::ffff:121.22.24.61[::ffff:121.22.24.61]): FTP session closed.

A 부터 시작해서 무작위로 로그인을 하고 있네요....



아이피 추적을 해보니 중국으로 나오는군요...

일단은 언넝 서버 내리고 다른 포트로 바꿔 놨는데... 기본 포트 무서워서 사용 못하겠습니다. ㅠㅠ

이거 어떠케 해야하나.... ㅠ_ㅠ



121.22.24.61 Whois

% [whois.apnic.net node-4]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

inetnum: 121.16.0.0 - 121.23.255.255
netname: UNICOM-HE
descr: China Unicom Hebei province network
descr: China Unicom
country: CN
admin-c: CH1302-AP
tech-c: KL984-AP
remarks: service provider
mnt-by: APNIC-HM
mnt-lower: MAINT-CNCGROUP-HE
mnt-routes: MAINT-CNCGROUP-RR
status: ALLOCATED PORTABLE
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed: 20060508
changed: 20080314
changed: 20090508
source: APNIC

route: 121.16.0.0/13
descr: CNC Group CHINA169 Hebei Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: 20060509
source: APNIC

person: ChinaUnicom Hostmaster
nic-hdl: CH1302-AP
e-mail:
address: No.21,Jin-Rong Street
address: Beijing,100140
address: P.R.China
phone: +86-10-66259940
fax-no: +86-10-66259764
country: CN
changed: 20090408
mnt-by: MAINT-CNCGROUP
source: APNIC

person: Kong Lingfei
nic-hdl: KL984-AP
e-mail:
address: 45, Guang An Street, Shi Jiazhuang City, HeBei Province,050011,CN
phone: +86-311-86681601
fax-no: +86-311-86689210
country: cn
changed: 20090206
mnt-by: MAINT-CNCGROUP-HE
source: APNIC

121.22.24.61 Website Information

Title:

Welcome to BERIS - ??

Description:

n/a

Keywords:

n/a

121.22.24.61 Server Details

IP address:

121.22.24.61

Server Location:

Hebei, Hebei in China

ISP:

China Unicom Hebei province network


'Server' 카테고리의 다른 글

기본 포트 사용 주의!!!!!!!  (0) 2011.06.09

댓글 (Comment)

Name*

Password*

Link (Your Website)

Comment

SECRET | 비밀글로 남기기