{"id":93,"date":"2007-08-10T01:10:00","date_gmt":"2007-08-10T01:10:00","guid":{"rendered":"http:\/\/apollo89.com\/wordpress\/?p=93"},"modified":"2013-11-14T09:38:44","modified_gmt":"2013-11-14T00:38:44","slug":"%ec%84%9c%eb%b2%84-%ea%b3%b5%ea%b2%a9","status":"publish","type":"post","link":"https:\/\/apollo89.com\/wordpress\/?p=93","title":{"rendered":"\uc11c\ubc84 \uacf5\uaca9!!!"},"content":{"rendered":"

 <\/p>\n

\uc624\ub298 \uc6b0\uc5f0\ucc2e\uac8c message \ub85c\uadf8\ub97c \ubcf4\uac8c \ub418\uc5c8\ub294\ub370..<\/p>\n

\uc774\ub7f0!!!!<\/p>\n

\uc774\ub7f0 \uba54\uc138\uc9c0\ub4e4\uc774 \uc5c4\uccad\ub098\uac8c \uc788\ub294\uac83\uc774 \uc544\ub2cc\uac00?\u3161\u3161;;;;<\/p>\n

Aug 10 08:26:28 xxxxxxxx sshd(pam_unix)[31593]: check pass; user unknown\r\nAug 10 08:26:28 xxxxxxxx sshd(pam_unix)[31593]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=hostpartner-32.open-path.net\r\nAug 10 08:26:33 xxxxxxxx sshd(pam_unix)[31594]: check pass; user unknown\r\nAug 10 08:26:33 xxxxxxxx sshd(pam_unix)[31594]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=hostpartner-32.open-path.net\r\nAug 10 08:26:39 xxxxxxxx sshd(pam_unix)[31595]: check pass; user unknown\r\nAug 10 08:26:39 xxxxxxxx sshd(pam_unix)[31595]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=hostpartner-32.open-path.net\r\nAug 10 08:26:44 xxxxxxxx sshd(pam_unix)[31596]: check pass; user unknown\r\nAug 10 08:26:44 xxxxxxxx sshd(pam_unix)[31596]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=hostpartner-32.open-path.net\r\nAug 10 08:26:49 xxxxxxxx sshd(pam_unix)[31597]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=hostpartner-32.open-path.net\u00a0 user=root\r\nAug 10 08:26:54 xxxxxxxx sshd(pam_unix)[31598]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=hostpartner-32.open-path.net\u00a0 user=root\r\nAug 10 08:27:00 xxxxxxxx sshd(pam_unix)[31599]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=hostpartner-32.open-path.net\u00a0 user=root<\/pre>\n
\uc5b4\ub5a4 XX\uac00 \uc11c\ubc84\uc5d0 root\ub85c \ub85c\uadf8\uc778\uc744 \ud558\ub824\uace0 \uc218\uc791\uc744 \ubd80\ub9ac\ub294\uac8c \ubd84\uba85\ud588\ub2e4..<\/p>\n
\uadf8\ub798\uc11c \uc5b4\ub5bb\ud560\uae4c \uace0\ubbfc\uc744 \ud558\ub2e4\uac00 \uc6b0\uc120\uc740 sshd\uc758 root \uc811\uc18d\uc744 \ub9c9\uace0, \ud3ec\ud2b8\ub97c \ubc14\uafd4\uc57c \uaca0\ub2e4..\u314b<\/p>\n
\/etc\/ssh\/sshd_config \ubcc0\uacbd.
\nPermitRootLogin no
\nPort xxxx<\/p>\n
\uadf8\ub9ac\uace0 restart!!
\n\/etc\/init.d\/sshd restart<\/p>\n
\uc778\ud130\ub137\uc73c\ub85c \uac80\uc0c9…<\/p>\n
\uc791\ub144\ub9d0\ubd80\ud130 \uc720\ud589\ud558\uae30 \uc2dc\uc791\ud55c ssh\ub97c \ud1b5\ud55c brute force \ub85c\uc11c \uc26c\uc6b4 \uc554\ud638\ub97c \uc0ac\uc6a9\ud558\ub294 \uacc4\uc815\uc5d0 \ub300\ud55c \uc77c\uc885\uc758 \ubb34\uc791\uc704\ub300\uc785\ubc95\uc774\ub77c\uace0 \ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. \ub300\ubd80\ubd84\uc758 \uc720\uc800\ub4e4\uc774 1234\ub098 1111\ub4f1 \uc26c\uc6b4 \uc554\ud638\ub97c \uc0ac\uc6a9\ud55c\ub2e4\ub294 \uc810\uc744 \uc545\uc6a9\ud558\uc5ec \ubb34\uc791\uc704\ub85c \ub85c\uadf8\uc778\uc744 \uc2dc\ub3c4\ud558\ub294 \uac83\uc785\ub2c8\ub2e4.<\/p>\n
\ub530\ub77c\uc11c
\n1. john the ripper \uc774\ub77c\ub294 \ud504\ub85c\uadf8\ub7a8\uc744 \uc774\uc6a9\ud558\uc5ec \uc26c\uc6b4 \uc554\ud638\ub97c \uc0ac\uc6a9\ud558\ub294 \uacc4\uc815\uc744 \ucc3e\uc544 \uc554\ud638\ub97c \uc5b4\ub835\uac8c \uc124\uc815 \ubcc0\uacbd\ud558\uace0 –(\ubcf8\uc11c47p\uc5d0 \uc790\uc138\ud55c \uc548\ub0b4\ucc38\uc870)<\/p>\n
2. ssh \uc124\uc815\uc5d0\uc11c \ud5c8\uc6a9\ub41c \uc720\uc800\ub9cc \ub610\ub294 \ud5c8\uc6a9\ub41c ip\uc5d0\uc11c\ub9cc \uc811\uadfc\ud560 \uc218 \uc788\ub3c4\ub85d \ubcf4\uc548 \uc124\uc815\uc744 \ud558\uc2dc\uae30 \ubc14\ub78d\ub2c8\ub2e4. \ub610\ub294 port \ubc88\ud638\ub97c 22\ub300\uc2e0 825\uc640 \uac19\uc774 \ubcc0\uacbd\ud558\ub294 \uac83\ub3c4 \ubb34\uc791\uc704 \uc2a4\uce94\uc5d0 \ub300\ud55c \ub300\uc751\ubc29\ubc95\uc911 \ud558\ub098\uac00 \ub420 \uc218 \uc788\uc2b5\ub2c8\ub2e4.
\n(\ubcf8\uc11c 284p-SSH\ubcf4\uc548-\uc5d0 \uc790\uc138\ud55c \uc548\ub0b4 \ucc38\uc870)<\/p>\n
3. \uadf8\ub7ec\ub098 \uac00\uc7a5 \uc88b\uc740 \ubc29\ubc95\uc740 iptables \ubc29\ud654\ubcbd\uc73c\ub85c \ucee4\ub110 \ub808\ubca8\uc5d0\uc11c \uc811\uadfc \ud1b5\uc81c\ub97c \uc5c4\uaca9\ud558\uac8c \ud558\ub294 \uac83\uc785\ub2c8\ub2e4. \uc774\ub7ec\ud55c \uacbd\uc6b0 \uc77c\uc77c\uc774 \ub85c\uadf8\ub97c \uccb4\ud06c\ud558\uc9c0 \uc54a\ub354\ub77c\ub3c4 \uc548\uc2ec\ud558\uc2e4 \uc218 \uc788\uc2b5\ub2c8\ub2e4. \ubcf8\uc11c\ub97c \ubcf4\uc2dc\uba74 iptables \ubc29\ud654\ubcbd\uc758 \ud65c\uc6a9\ubc29\ubc95\uc5d0 \ub300\ud574 \uc790\uc138\ud558\uc138 \uc124\uba85\ub418\uc5b4 \uc788\uc2b5\ub2c8\ub2e4.\n<\/p><\/blockquote>\n
\ucd9c\ucc98 : http:\/\/www.superuser.co.kr\/home\/superuserboard\/view.html?id=801&code=security&start=&position<\/a>=<\/p>\n","protected":false},"excerpt":{"rendered":"
  \uc624\ub298 \uc6b0\uc5f0\ucc2e\uac8c message \ub85c\uadf8\ub97c \ubcf4\uac8c \ub418\uc5c8\ub294\ub370.. \uc774\ub7f0!!!! \uc774\ub7f0 \uba54\uc138\uc9c0\ub4e4\uc774 \uc5c4\uccad\ub098\uac8c \uc788\ub294\uac83\uc774 \uc544\ub2cc\uac00?\u3161\u3161;;;; Aug 10 08:26:28 xxxxxxxx sshd(pam_unix)[31593]: check pass; user unknown Aug 10 08:26:28 xxxxxxxx sshd(pam_unix)[31593]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=hostpartner-32.open-path.net Aug 10 08:26:33 xxxxxxxx sshd(pam_unix)[31594]: … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[703],"tags":[],"class_list":["post-93","post","type-post","status-publish","format-standard","hentry","category-securityhacking"],"yoast_head":"\n\uc11c\ubc84 \uacf5\uaca9!!! - Apollo89.com<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/apollo89.com\/wordpress\/?p=93\" \/>\n<meta property=\"og:locale\" content=\"ko_KR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\uc11c\ubc84 \uacf5\uaca9!!! - Apollo89.com\" \/>\n<meta property=\"og:description\" content=\"  \uc624\ub298 \uc6b0\uc5f0\ucc2e\uac8c message \ub85c\uadf8\ub97c \ubcf4\uac8c \ub418\uc5c8\ub294\ub370.. \uc774\ub7f0!!!! \uc774\ub7f0 \uba54\uc138\uc9c0\ub4e4\uc774 \uc5c4\uccad\ub098\uac8c \uc788\ub294\uac83\uc774 \uc544\ub2cc\uac00?\u3161\u3161;;;; Aug 10 08:26:28 xxxxxxxx sshd(pam_unix)[31593]: check pass; user unknown Aug 10 08:26:28 xxxxxxxx sshd(pam_unix)[31593]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=hostpartner-32.open-path.net Aug 10 08:26:33 xxxxxxxx sshd(pam_unix)[31594]: … Continue reading →\" \/>\n<meta property=\"og:url\" content=\"https:\/\/apollo89.com\/wordpress\/?p=93\" \/>\n<meta property=\"og:site_name\" content=\"Apollo89.com\" \/>\n<meta property=\"article:published_time\" content=\"2007-08-10T01:10:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2013-11-14T00:38:44+00:00\" \/>\n<meta name=\"author\" content=\"apollo89\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\uae00\uc4f4\uc774\" \/>\n\t<meta name=\"twitter:data1\" content=\"apollo89\" \/>\n\t<meta name=\"twitter:label2\" content=\"\uc608\uc0c1 \ub418\ub294 \ud310\ub3c5 \uc2dc\uac04\" \/>\n\t<meta name=\"twitter:data2\" content=\"1\ubd84\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/apollo89.com\\\/wordpress\\\/?p=93#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/apollo89.com\\\/wordpress\\\/?p=93\"},\"author\":{\"name\":\"apollo89\",\"@id\":\"https:\\\/\\\/apollo89.com\\\/wordpress\\\/#\\\/schema\\\/person\\\/93f56825cac3b2f18e5f107995066c82\"},\"headline\":\"\uc11c\ubc84 \uacf5\uaca9!!!\",\"datePublished\":\"2007-08-10T01:10:00+00:00\",\"dateModified\":\"2013-11-14T00:38:44+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/apollo89.com\\\/wordpress\\\/?p=93\"},\"wordCount\":49,\"commentCount\":0,\"articleSection\":[\"Security\\\/Hacking\"],\"inLanguage\":\"ko-KR\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/apollo89.com\\\/wordpress\\\/?p=93#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/apollo89.com\\\/wordpress\\\/?p=93\",\"url\":\"https:\\\/\\\/apollo89.com\\\/wordpress\\\/?p=93\",\"name\":\"\uc11c\ubc84 \uacf5\uaca9!!! - Apollo89.com\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/apollo89.com\\\/wordpress\\\/#website\"},\"datePublished\":\"2007-08-10T01:10:00+00:00\",\"dateModified\":\"2013-11-14T00:38:44+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/apollo89.com\\\/wordpress\\\/#\\\/schema\\\/person\\\/93f56825cac3b2f18e5f107995066c82\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/apollo89.com\\\/wordpress\\\/?p=93#breadcrumb\"},\"inLanguage\":\"ko-KR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/apollo89.com\\\/wordpress\\\/?p=93\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/apollo89.com\\\/wordpress\\\/?p=93#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\ud648\",\"item\":\"https:\\\/\\\/apollo89.com\\\/wordpress\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\uc11c\ubc84 \uacf5\uaca9!!!\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/apollo89.com\\\/wordpress\\\/#website\",\"url\":\"https:\\\/\\\/apollo89.com\\\/wordpress\\\/\",\"name\":\"Apollo89.com\",\"description\":\"\uc544\ud3f4\ub85c\uc528\uc758 \uc7a1\ub2e4\ud55c \uacbd\ud5d8\ub4e4..\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/apollo89.com\\\/wordpress\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"ko-KR\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/apollo89.com\\\/wordpress\\\/#\\\/schema\\\/person\\\/93f56825cac3b2f18e5f107995066c82\",\"name\":\"apollo89\",\"description\":\"\uc544\ud3f4\ub85c89 \uc785\ub2c8\ub2e4.\",\"url\":\"https:\\\/\\\/apollo89.com\\\/wordpress\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"\uc11c\ubc84 \uacf5\uaca9!!! - Apollo89.com","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/apollo89.com\/wordpress\/?p=93","og_locale":"ko_KR","og_type":"article","og_title":"\uc11c\ubc84 \uacf5\uaca9!!! - Apollo89.com","og_description":"  \uc624\ub298 \uc6b0\uc5f0\ucc2e\uac8c message \ub85c\uadf8\ub97c \ubcf4\uac8c \ub418\uc5c8\ub294\ub370.. \uc774\ub7f0!!!! \uc774\ub7f0 \uba54\uc138\uc9c0\ub4e4\uc774 \uc5c4\uccad\ub098\uac8c \uc788\ub294\uac83\uc774 \uc544\ub2cc\uac00?\u3161\u3161;;;; Aug 10 08:26:28 xxxxxxxx sshd(pam_unix)[31593]: check pass; user unknown Aug 10 08:26:28 xxxxxxxx sshd(pam_unix)[31593]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=hostpartner-32.open-path.net Aug 10 08:26:33 xxxxxxxx sshd(pam_unix)[31594]: … Continue reading →","og_url":"https:\/\/apollo89.com\/wordpress\/?p=93","og_site_name":"Apollo89.com","article_published_time":"2007-08-10T01:10:00+00:00","article_modified_time":"2013-11-14T00:38:44+00:00","author":"apollo89","twitter_card":"summary_large_image","twitter_misc":{"\uae00\uc4f4\uc774":"apollo89","\uc608\uc0c1 \ub418\ub294 \ud310\ub3c5 \uc2dc\uac04":"1\ubd84"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/apollo89.com\/wordpress\/?p=93#article","isPartOf":{"@id":"https:\/\/apollo89.com\/wordpress\/?p=93"},"author":{"name":"apollo89","@id":"https:\/\/apollo89.com\/wordpress\/#\/schema\/person\/93f56825cac3b2f18e5f107995066c82"},"headline":"\uc11c\ubc84 \uacf5\uaca9!!!","datePublished":"2007-08-10T01:10:00+00:00","dateModified":"2013-11-14T00:38:44+00:00","mainEntityOfPage":{"@id":"https:\/\/apollo89.com\/wordpress\/?p=93"},"wordCount":49,"commentCount":0,"articleSection":["Security\/Hacking"],"inLanguage":"ko-KR","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/apollo89.com\/wordpress\/?p=93#respond"]}]},{"@type":"WebPage","@id":"https:\/\/apollo89.com\/wordpress\/?p=93","url":"https:\/\/apollo89.com\/wordpress\/?p=93","name":"\uc11c\ubc84 \uacf5\uaca9!!! - Apollo89.com","isPartOf":{"@id":"https:\/\/apollo89.com\/wordpress\/#website"},"datePublished":"2007-08-10T01:10:00+00:00","dateModified":"2013-11-14T00:38:44+00:00","author":{"@id":"https:\/\/apollo89.com\/wordpress\/#\/schema\/person\/93f56825cac3b2f18e5f107995066c82"},"breadcrumb":{"@id":"https:\/\/apollo89.com\/wordpress\/?p=93#breadcrumb"},"inLanguage":"ko-KR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/apollo89.com\/wordpress\/?p=93"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/apollo89.com\/wordpress\/?p=93#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\ud648","item":"https:\/\/apollo89.com\/wordpress"},{"@type":"ListItem","position":2,"name":"\uc11c\ubc84 \uacf5\uaca9!!!"}]},{"@type":"WebSite","@id":"https:\/\/apollo89.com\/wordpress\/#website","url":"https:\/\/apollo89.com\/wordpress\/","name":"Apollo89.com","description":"\uc544\ud3f4\ub85c\uc528\uc758 \uc7a1\ub2e4\ud55c \uacbd\ud5d8\ub4e4..","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/apollo89.com\/wordpress\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"ko-KR"},{"@type":"Person","@id":"https:\/\/apollo89.com\/wordpress\/#\/schema\/person\/93f56825cac3b2f18e5f107995066c82","name":"apollo89","description":"\uc544\ud3f4\ub85c89 \uc785\ub2c8\ub2e4.","url":"https:\/\/apollo89.com\/wordpress\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/apollo89.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/93","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/apollo89.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/apollo89.com\/wordpress\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/apollo89.com\/wordpress\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/apollo89.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=93"}],"version-history":[{"count":0,"href":"https:\/\/apollo89.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/93\/revisions"}],"wp:attachment":[{"href":"https:\/\/apollo89.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=93"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/apollo89.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=93"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/apollo89.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=93"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}