October 31, 2014
 

Checking the system log shows a large number of nrpe entries written by xinetd:

[root@localhost ~]# less /var/log/messages
 Oct 31 11:49:30 localhost xinetd[9646]: START: nrpe pid=10372 from=::ffff:192.168.153.110
 Oct 31 11:49:30 localhost xinetd[9646]: EXIT: nrpe status=0 pid=10372 duration=0(sec)
 Oct 31 11:51:15 localhost xinetd[9646]: START: nrpe pid=10642 from=::ffff:192.168.153.110
 Oct 31 11:51:15 localhost xinetd[9646]: EXIT: nrpe status=0 pid=10642 duration=0(sec)

Edit the configuration file to disable logging of successful connections:

[root@localhost ~]# vi /etc/xinetd.conf
 # Define general logging characteristics.
                log_type        = SYSLOG daemon info
                log_on_failure  = HOST
 #              log_on_success  = PID HOST DURATION EXIT


After restarting the xinetd service, check the log again; the nrpe entries no longer appear:

Oct 31 11:52:05 localhost xinetd[9646]: Exiting...
Oct 31 11:52:05 localhost xinetd[10785]: xinetd Version 2.3.14 started with libwrap loadavg labeled-networking options compiled in.
Oct 31 11:52:05 localhost xinetd[10785]: Started working: 1 available service
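
Commenting out `log_on_success` in `/etc/xinetd.conf` changes the defaults for every xinetd service, so successful connections to any other service stop being logged as well. The following added example (not from the original post) scopes the change to nrpe by removing the same four flags inside the service's own entry with xinetd's `-=` operator. The service file contents are a constructed sample and the function names are hypothetical; on a real host the file would typically be `/etc/xinetd.d/nrpe` (an assumption), and `log_on_success` would stay enabled in `xinetd.conf`.

```shell
#!/bin/sh
# Added example: silence success logging for one xinetd service only.

# quiet_service FILE
# Print FILE with a per-service override inserted before the closing brace.
# Idempotent: if the override is already present, the file is printed as-is.
# Assumes FILE holds a single service entry, as /etc/xinetd.d/ files usually do.
quiet_service() {
    awk '
        $1 == "log_on_success" && $2 == "-=" { seen = 1 }
        $1 == "}" && !seen {
            # Remove exactly the flags enabled on the default line in xinetd.conf
            print "        log_on_success  -= PID HOST DURATION EXIT"
            seen = 1
        }
        { print }
    ' "$1"
}

# Constructed sample of an nrpe service entry (values are assumptions,
# except the monitoring host address, which is the one seen in the log).
sample_nrpe() {
    cat <<'EOF'
service nrpe
{
        flags           = REUSE
        socket_type     = stream
        port            = 5666
        wait            = no
        user            = nagios
        server          = /usr/sbin/nrpe
        server_args     = -c /etc/nagios/nrpe.cfg --inetd
        only_from       = 192.168.153.110
        disable         = no
}
EOF
}

# Demo on a temporary copy; nothing under /etc is touched.
tmp=$(mktemp) && sample_nrpe > "$tmp" && quiet_service "$tmp"; rm -f "$tmp"
```

Review the printed result before replacing the real service file, then restart xinetd as in the original steps.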
October 31, 2014
 

Oct 30 09:44:57  SRX240H2 sshd[31743]: Received disconnect from 60.173.26.173: 11: Normal Shutdown, Thank you for playing
Oct 30 09:44:57  SRX240H2 sshd[31742]: Received disconnect from 60.173.14.143: 11: Normal Shutdown, Thank you for playing
Oct 30 09:44:57  SRX240H2 /kernel: nearing maxproc limit by uid 0, please see tuning(7) and login.conf(5).
Oct 30 09:44:57  SRX240H2 /kernel: Process with Most Children- 1356:inetd - Children - 75

Oct 30 10:30:13  SRX240H2 /kernel: nearing maxproc limit by uid 0, please see tuning(7) and login.conf(5).
Oct 30 10:30:13  SRX240H2 /kernel: Process with Most Children- 1356:inetd - Children - 74
Oct 30 10:30:13  SRX240H2 sshd[39713]: Failed password for root from 60.173.14.143 port 11945 ssh2
Oct 30 10:30:13  SRX240H2 sshd: SSHD_LOGIN_FAILED: Login failed for user 'root' from host '60.173.26.173'
Oct 30 10:30:13  SRX240H2 sshd[39748]: Received disconnect from 60.173.14.143: 11: Normal Shutdown, Thank you for playing
Oct 30 10:30:13  SRX240H2 sshd: SSHD_LOGIN_FAILED: Login failed for user 'root' from host '60.173.14.143'

Oct 30 16:38:17  SRX240H2 sshd[6327]: Received disconnect from 60.173.26.173: 11: Normal Shutdown, Thank you for playing
Oct 30 16:38:17  SRX240H2 sshd[6321]: Failed password for  from 222.186.58.204 port 1911 ssh2
Oct 30 16:38:17  SRX240H2 sshd: SSHD_LOGIN_FAILED: Login failed for user '' from host '222.186.58.204'
Oct 30 16:38:18  SRX240H2 sshd[6329]: Received disconnect from 60.173.14.143: 11: Normal Shutdown, Thank you for playing
Oct 30 16:38:18  SRX240H2 sshd[6325]: Failed password for root from 60.173.26.173 port 30298 ssh2
Oct 30 16:38:18  SRX240H2 sshd: SSHD_LOGIN_FAILED: Login failed for user 'root' from host '60.173.26.173'
Oct 30 16:38:18  SRX240H2 sshd[6323]: failed to copy /var/db/login-attempts+ to /var/db/login-attempts
