The server has been guessed passwords, what method can eliminate, disable port is effective, need to disable the port
CodePudding user response:
There are two directions, along with open, passive block,Increases with the increasing use of strategy can know about the knocking at the door, A usual port in the firewall is shut down, if you want to connect A, according to A certain process to access another unrelated port B, then the server will open needs access port A, there is A call in the Linux knockd application, Windows may have similar, I haven't noticed, you can look for them,
Passive block is through the firewall the login record for visitors to identify abnormal failure, often set a threshold for failure, a threshold value after the IP block directly, there is a call in the Linux fail2ban application, Windows I haven't noticed, in principle, there will be what I use is to write their own log filter, if you have a certain development ability, can consult my articles, https://www.chenxin.info/2020/06/08/windows-rdp-defender/,
CodePudding user response:
This is a bit difficult for me