feeman Опубликовано 5 ноября, 2019 · Жалоба Заметил на маршрутизаторе cisco вот такую странную активность. Кто в курсе, подскажите: Скрытый текст 000097: Oct 29 00:31:29.134: %SSH-3-NO_MATCH: No matching cipher found: client chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc 000098: Oct 29 00:31:29.350: %SSH-3-NO_MATCH: No matching cipher found: client chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc 000099: Oct 29 01:54:49.746: %SSH-4-SSH2_UNEXPECTED_MSG: Unexpected message type has arrived. Terminating the connection from 110.185.166.137 000100: Oct 29 09:03:56.156: %SSH-3-NO_MATCH: No matching cipher found: client aes128-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc 000101: Oct 29 09:39:55.212: %SSH-3-DH_SIZE: DH public key size > DH group key size(128) 000102: Oct 29 16:58:29.770: %SSH-3-NO_MATCH: No matching cipher found: client aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,arcfour256,arcfour128 server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc 000103: Oct 29 22:36:36.089: %SSH-3-NO_MATCH: No matching cipher found: client aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,arcfour256,arcfour128,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,arcfour256,arcfour128 server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc 000104: Oct 30 18:51:16.608: %SSH-3-NO_MATCH: No matching cipher found: client chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc 000105: Oct 30 22:37:13.555: %SSH-3-NO_MATCH: No matching cipher found: client aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,arcfour256,arcfour128,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,arcfour256,arcfour128 server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc 000106: Oct 30 22:44:54.343: %SSH-3-NO_MATCH: No matching cipher found: client chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc 000107: Oct 30 22:44:54.467: %SSH-3-NO_MATCH: No matching cipher found: client chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc 000108: Oct 31 17:28:08.110: %SSH-3-NO_MATCH: No matching cipher found: client aes128-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc 000109: Oct 31 22:36:40.049: %SSH-3-NO_MATCH: No matching cipher found: client aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,arcfour256,arcfour128,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,arcfour256,arcfour128 server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc 000110: Nov 1 00:56:57.516: %SSH-3-NO_MATCH: No matching cipher found: client aes128-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc 000111: Nov 1 04:41:04.487: %SSH-3-NO_MATCH: No matching hostkey algorithm found: client ecdsa-sha2-nistp256 server ssh-rsa 000112: Nov 1 04:41:19.683: %SSH-3-NO_MATCH: No matching hostkey algorithm found: client ecdsa-sha2-nistp384 server ssh-rsa 000113: Nov 1 04:41:35.199: %SSH-3-NO_MATCH: No matching hostkey algorithm found: client ecdsa-sha2-nistp521 server ssh-rsa 000114: Nov 1 04:42:12.579: %SSH-3-NO_MATCH: No matching hostkey algorithm found: client ssh-dss server ssh-rsa 000115: Nov 1 06:24:23.551: %SSH-3-NO_MATCH: No matching cipher found: client aes128-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc 000116: Nov 1 10:35:29.234: %SSH-4-SSH2_UNEXPECTED_MSG: Unexpected message type has arrived. Terminating the connection from 180.149.125.170 000117: Nov 1 22:36:53.971: %SSH-3-NO_MATCH: No matching cipher found: client aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,arcfour256,arcfour128,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,arcfour256,arcfour128 server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc 000118: Nov 1 22:52:31.579: %SSH-3-NO_MATCH: No matching cipher found: client aes128-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc 000119: Nov 2 00:28:57.182: %SSH-3-NO_MATCH: No matching cipher found: client aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,arcfour256,arcfour128,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,arcfour256,arcfour128 server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc 000120: Nov 2 02:59:14.658: %SSH-3-NO_MATCH: No matching cipher found: client aes128-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc 000121: Nov 2 11:58:35.208: %SSH-3-NO_MATCH: No matching cipher found: client aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,arcfour256,arcfour128 server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc 000122: Nov 2 21:41:17.773: %SSH-4-SSH2_UNEXPECTED_MSG: Unexpected message type has arrived. Terminating the connection from 196.52.43.128 000123: Nov 3 07:03:50.783: %SSH-3-NO_MATCH: No matching cipher found: client chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc 000124: Nov 3 07:03:50.811: %SSH-3-NO_MATCH: No matching cipher found: client chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc 000125: Nov 4 07:36:56.625: %SSH-3-NO_MATCH: No matching cipher found: client aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,arcfour256,arcfour128,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,arcfour256,arcfour128 server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc 000126: Nov 4 22:37:17.809: %SSH-3-NO_MATCH: No matching cipher found: client aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,arcfour256,arcfour128,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,arcfour256,arcfour128 server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc 000127: Nov 4 22:51:54.177: %SSH-3-NO_MATCH: No matching cipher found: client aes128-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc 000128: Nov 4 23:45:58.061: %SSH-3-NO_MATCH: No matching cipher found: client chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc 000129: Nov 4 23:45:58.373: %SSH-3-NO_MATCH: No matching cipher found: client chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc 000130: Nov 5 01:04:31.040: %SSH-3-NO_MATCH: No matching cipher found: client aes128-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc 000131: Nov 5 04:03:05.860: %SSH-3-NO_MATCH: No matching cipher found: client aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,arcfour256,arcfour128 server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc Вставить ник Цитата Ответить с цитированием Поделиться сообщением Ссылка на сообщение Поделиться на других сайтах More sharing options...
TheUser Опубликовано 5 ноября, 2019 · Жалоба Ограничьте же SSH со сторонних сетей. Вставить ник Цитата Ответить с цитированием Поделиться сообщением Ссылка на сообщение Поделиться на других сайтах More sharing options...
smart85 Опубликовано 5 ноября, 2019 · Жалоба И вообще, судя по тому, что имеет место быть такое на SSH, следует посмотреть, а если CoPP вообще на железке. Вставить ник Цитата Ответить с цитированием Поделиться сообщением Ссылка на сообщение Поделиться на других сайтах More sharing options...
kapydan Опубликовано 5 ноября, 2019 · Жалоба какая железка и ios? Вставить ник Цитата Ответить с цитированием Поделиться сообщением Ссылка на сообщение Поделиться на других сайтах More sharing options...
feeman Опубликовано 5 ноября, 2019 · Жалоба 24 минуты назад, kapydan сказал: какая железка и ios? Cisco 7201 disk2:c7200p-adventerprisek9-mz.152-4.M11.bin Вставить ник Цитата Ответить с цитированием Поделиться сообщением Ссылка на сообщение Поделиться на других сайтах More sharing options...
feeman Опубликовано 5 ноября, 2019 · Жалоба 1 час назад, mse.rus77 сказал: а если CoPP вообще на железке CoPP есть, но не используется. Кстати, за приведенный пример был бы очень признателен. Вставить ник Цитата Ответить с цитированием Поделиться сообщением Ссылка на сообщение Поделиться на других сайтах More sharing options...
smart85 Опубликовано 5 ноября, 2019 · Жалоба 12 минут назад, feeman сказал: CoPP есть, но не используется. Кстати, за приведенный пример был бы очень признателен. По форуму поищите, был отличный пример Вставить ник Цитата Ответить с цитированием Поделиться сообщением Ссылка на сообщение Поделиться на других сайтах More sharing options...
kapydan Опубликовано 5 ноября, 2019 · Жалоба 54 минуты назад, feeman сказал: Cisco 7201 disk2:c7200p-adventerprisek9-mz.152-4.M11.bin Судя по feature navigator, 15.2 последняя версия для 7201. Недавно была похожая проблема на 2921 роутере, там решилось обновлением софта. А в данному случае - возможно, стоит посмотреть настройки доступа ssh и обновить rsa ключи. Но могу ошибаться. Вставить ник Цитата Ответить с цитированием Поделиться сообщением Ссылка на сообщение Поделиться на других сайтах More sharing options...
StSphinx Опубликовано 5 ноября, 2019 · Жалоба Control Plane Policing Implementation Best Practices Вставить ник Цитата Ответить с цитированием Поделиться сообщением Ссылка на сообщение Поделиться на других сайтах More sharing options...
ayf Опубликовано 13 февраля, 2020 · Жалоба Чтобы темы не плодить, спрошу тут. Коммутатор 3560Х. В логах идет такое: 028025: Feb 12 23:02:03.617: SSH2 5: no matching cipher found: client aes128-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr 028026: Feb 13 01:51:14.119: SSH2 5: no matching cipher found: client aes128-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr 028027: Feb 13 05:17:50.806: SSH2 5: no matching cipher found: client aes128-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr 028028: Feb 13 05:56:00.524: SSH2 5: no matching cipher found: client aes128-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr 028029: Feb 13 06:18:06.141: SSH2 5: no matching cipher found: client aes128-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr 028030: Feb 13 06:36:59.273: SSH2 5: no matching cipher found: client aes128-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr При этом коммутатор сидит во внутренней сети, без доступа в интернет. Доступ в интернет есть только у клиентов, которые к нему подключены. Софт: "flash:/c3560e-universalk9-mz.122-55.SE5/c3560e-universalk9-mz.122-55.SE5.bin Логирование показало, что ко мне ломятся из Румынии: 028104: Feb 13 13:06:33.862: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:06:33 MSK Thu Feb 13 2020 028105: Feb 13 13:06:36.211: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: user] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:06:36 MSK Thu Feb 13 2020 028106: Feb 13 13:06:38.937: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: support] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:06:38 MSK Thu Feb 13 2020 028107: Feb 13 13:06:48.902: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: root] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:06:48 MSK Thu Feb 13 2020 028108: Feb 13 13:06:51.679: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:06:51 MSK Thu Feb 13 2020 028109: Feb 13 13:06:54.187: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:06:54 MSK Thu Feb 13 2020 028110: Feb 13 13:07:01.963: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:07:01 MSK Thu Feb 13 2020 028111: Feb 13 13:07:03.473: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:07:03 MSK Thu Feb 13 2020 028112: Feb 13 13:07:04.169: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: default] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:07:04 MSK Thu Feb 13 2020 028113: Feb 13 13:07:05.637: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: user] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:07:05 MSK Thu Feb 13 2020 028114: Feb 13 13:07:06.702: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: user] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:07:06 MSK Thu Feb 13 2020 028115: Feb 13 13:07:07.851: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: support] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:07:07 MSK Thu Feb 13 2020 028116: Feb 13 13:07:11.114: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: root] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:07:11 MSK Thu Feb 13 2020 028117: Feb 13 13:07:12.658: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: default] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:07:12 MSK Thu Feb 13 2020 028118: Feb 13 13:07:13.371: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:07:13 MSK Thu Feb 13 2020 028119: Feb 13 13:07:14.948: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: operator] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:07:14 MSK Thu Feb 13 2020 028120: Feb 13 13:07:15.443: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:07:15 MSK Thu Feb 13 2020 028121: Feb 13 13:07:18.110: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: ubnt] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:07:18 MSK Thu Feb 13 2020 028122: Feb 13 13:07:19.159: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:07:19 MSK Thu Feb 13 2020 028123: Feb 13 13:07:21.289: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: default] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:07:21 MSK Thu Feb 13 2020 028124: Feb 13 13:07:23.378: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: user] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:07:23 MSK Thu Feb 13 2020 028125: Feb 13 13:07:28.931: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:07:28 MSK Thu Feb 13 2020 028126: Feb 13 13:07:37.126: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: default] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:07:37 MSK Thu Feb 13 2020 028127: Feb 13 13:07:39.198: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: operator] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:07:39 MSK Thu Feb 13 2020 028128: Feb 13 13:07:41.279: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: ubnt] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:07:41 MSK Thu Feb 13 2020 028129: Feb 13 13:07:42.075: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:07:42 MSK Thu Feb 13 2020 028130: Feb 13 13:07:45.473: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:07:45 MSK Thu Feb 13 2020 028131: Feb 13 13:07:47.654: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:07:47 MSK Thu Feb 13 2020 028132: Feb 13 13:07:49.893: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: 1234] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:07:49 MSK Thu Feb 13 2020 028133: Feb 13 13:07:53.081: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:07:53 MSK Thu Feb 13 2020 028134: Feb 13 13:07:55.161: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: root] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:07:55 MSK Thu Feb 13 2020 028135: Feb 13 13:07:57.401: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:07:57 MSK Thu Feb 13 2020 028136: Feb 13 13:07:57.753: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: 1234] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:07:57 MSK Thu Feb 13 2020 028137: Feb 13 13:08:00.580: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: user] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:08:00 MSK Thu Feb 13 2020 028138: Feb 13 13:08:02.668: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:08:02 MSK Thu Feb 13 2020 028139: Feb 13 13:08:03.524: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:08:03 MSK Thu Feb 13 2020 028140: Feb 13 13:08:04.732: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: camera] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:08:04 MSK Thu Feb 13 2020 028141: Feb 13 13:08:06.863: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: root] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:08:06 MSK Thu Feb 13 2020 028142: Feb 13 13:08:07.945: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: ftp] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:08:07 MSK Thu Feb 13 2020 028143: Feb 13 13:08:10.033: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: tplink] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:08:10 MSK Thu Feb 13 2020 028144: Feb 13 13:08:10.696: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:08:10 MSK Thu Feb 13 2020 028145: Feb 13 13:08:12.147: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: guest] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:08:12 MSK Thu Feb 13 2020 028146: Feb 13 13:08:15.561: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: test] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:08:15 MSK Thu Feb 13 2020 028147: Feb 13 13:08:15.695: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: user] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:08:15 MSK Thu Feb 13 2020 028148: Feb 13 13:08:17.667: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: root] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:08:17 MSK Thu Feb 13 2020 028149: Feb 13 13:08:18.178: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:08:18 MSK Thu Feb 13 2020 028150: Feb 13 13:08:19.730: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: telecomadmin] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:08:19 MSK Thu Feb 13 2020 028151: Feb 13 13:08:20.871: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: camera] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:08:20 MSK Thu Feb 13 2020 028152: Feb 13 13:08:22.892: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:08:22 MSK Thu Feb 13 2020 028153: Feb 13 13:08:25.275: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:08:25 MSK Thu Feb 13 2020 028154: Feb 13 13:08:25.367: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: ftp] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:08:25 MSK Thu Feb 13 2020 028155: Feb 13 13:08:27.355: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:08:27 MSK Thu Feb 13 2020 028156: Feb 13 13:08:28.647: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: tplink] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:08:28 MSK Thu Feb 13 2020 028157: Feb 13 13:08:30.543: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: cron] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:08:30 MSK Thu Feb 13 2020 028158: Feb 13 13:08:31.834: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: guest] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:08:31 MSK Thu Feb 13 2020 028159: Feb 13 13:08:32.908: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:08:32 MSK Thu Feb 13 2020 028160: Feb 13 13:08:34.988: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admins] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:08:34 MSK Thu Feb 13 2020 028161: Feb 13 13:08:38.067: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: ftp] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:08:38 MSK Thu Feb 13 2020 028162: Feb 13 13:08:40.172: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: osmc] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:08:40 MSK Thu Feb 13 2020 028163: Feb 13 13:08:42.060: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: test] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:08:42 MSK Thu Feb 13 2020 028164: Feb 13 13:08:42.269: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: root] [Source: 185.232.67.5] [localport: 22] [Reason: Login Authentication Failed] at 13:08:42 MSK Thu Feb 13 2020 028165: Feb 13 13:08:44.610: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: root] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:08:44 MSK Thu Feb 13 2020 028166: Feb 13 13:08:48.158: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: telecomadmin] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:08:48 MSK Thu Feb 13 2020 028167: Feb 13 13:08:54.608: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:08:54 MSK Thu Feb 13 2020 028168: Feb 13 13:08:57.905: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:08:57 MSK Thu Feb 13 2020 028169: Feb 13 13:09:01.025: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:09:01 MSK Thu Feb 13 2020 028170: Feb 13 13:09:05.916: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: cron] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:09:05 MSK Thu Feb 13 2020 028171: Feb 13 13:09:09.900: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:09:09 MSK Thu Feb 13 2020 028172: Feb 13 13:09:13.742: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admins] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:09:13 MSK Thu Feb 13 2020 028173: Feb 13 13:09:19.840: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: ftp] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:09:19 MSK Thu Feb 13 2020 028174: Feb 13 13:09:23.263: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: osmc] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:09:23 MSK Thu Feb 13 2020 028175: Feb 13 13:09:26.937: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: root] [Source: 185.232.67.6] [localport: 22] [Reason: Login Authentication Failed] at 13:09:26 MSK Thu Feb 13 2020 Как бы это прекратить? Имеет ли смысл писать администратору той сети, с которой идет брутфорс? Вставить ник Цитата Ответить с цитированием Поделиться сообщением Ссылка на сообщение Поделиться на других сайтах More sharing options...
VolanD666 Опубликовано 13 февраля, 2020 · Жалоба Ну скорее всего ломятся на клиентский шлюз, который прописан на SVI коммутатора. Лечится установкой ACL на vty + я бы управление положил в отдельный VRF. Вставить ник Цитата Ответить с цитированием Поделиться сообщением Ссылка на сообщение Поделиться на других сайтах More sharing options...