はちゅにっき

こっちのブログはまったり更新

sshd へのアクセスが

Server 
sshd:
    Authentication Failures:
       unknown (222.208.232.138): 7837 Time(s)
       unknown (61.66.211.162): 2657 Time(s)
       root (222.208.232.138): 235 Time(s)
       root (61.66.211.162): 223 Time(s)
       unknown (220.182.62.252): 133 Time(s)
       root (222.55.184.241): 66 Time(s)
       root (219.232.241.9): 25 Time(s)
       backup (222.208.232.138): 19 Time(s)
       backup (61.66.211.162): 17 Time(s)
       news (222.208.232.138): 16 Time(s)
       root (220.182.62.252): 15 Time(s)
       bin (222.208.232.138): 12 Time(s)
       news (61.66.211.162): 11 Time(s)
       bin (61.66.211.162): 9 Time(s)
       lp (222.208.232.138): 9 Time(s)
       mail (222.208.232.138): 9 Time(s)
       nobody (222.208.232.138): 9 Time(s)
       ftp (222.208.232.138): 8 Time(s)
       postfix (222.208.232.138): 8 Time(s)
       games (222.208.232.138): 7 Time(s)
       nobody (61.66.211.162): 7 Time(s)
       sshd (222.208.232.138): 7 Time(s)
       irc (222.208.232.138): 6 Time(s)
       mail (61.66.211.162): 6 Time(s)
       postfix (61.66.211.162): 6 Time(s)
       sync (222.208.232.138): 6 Time(s)
       www-data (222.208.232.138): 6 Time(s)
       daemon (222.208.232.138): 5 Time(s)
       ftp (61.66.211.162): 5 Time(s)
       games (61.66.211.162): 5 Time(s)
       lp (61.66.211.162): 5 Time(s)
       sshd (61.66.211.162): 5 Time(s)
       sys (222.208.232.138): 5 Time(s)
       uucp (222.208.232.138): 5 Time(s)
       www-data (61.66.211.162): 4 Time(s)
       bind (222.208.232.138): 3 Time(s)
       daemon (61.66.211.162): 3 Time(s)
       irc (61.66.211.162): 3 Time(s)
       list (222.208.232.138): 3 Time(s)
       sync (61.66.211.162): 3 Time(s)
       sys (61.66.211.162): 3 Time(s)
       gnats (222.208.232.138): 2 Time(s)
       identd (222.208.232.138): 2 Time(s)
       man (222.208.232.138): 2 Time(s)
       proxy (222.208.232.138): 2 Time(s)
       unknown (219.238.180.98): 2 Time(s)
       uucp (61.66.211.162): 2 Time(s)
       backup (220.182.62.252): 1 Time(s)
       bin (220.182.62.252): 1 Time(s)
       bind (61.66.211.162): 1 Time(s)
       daemon (220.182.62.252): 1 Time(s)
       ftp (220.182.62.252): 1 Time(s)
       games (220.182.62.252): 1 Time(s)
       gnats (220.182.62.252): 1 Time(s)
       identd (220.182.62.252): 1 Time(s)
       irc (220.182.62.252): 1 Time(s)
       list (220.182.62.252): 1 Time(s)
       lp (220.182.62.252): 1 Time(s)
       mail (220.182.62.252): 1 Time(s)
       news (220.182.62.252): 1 Time(s)
       nobody (220.182.62.252): 1 Time(s)
       postfix (220.182.62.252): 1 Time(s)
       proxy (220.182.62.252): 1 Time(s)
       sshd (220.182.62.252): 1 Time(s)
       sync (220.182.62.252): 1 Time(s)
       sys (220.182.62.252): 1 Time(s)
       unknown (192.168.0.22): 1 Time(s)
       uucp (220.182.62.252): 1 Time(s)
       www-data (220.182.62.252): 1 Time(s)
    Invalid Users:
       Unknown Account: 10630 Time(s)

特定の国からのアクセスを遮断してもこのザマですか、そうですか。
めんどくさいから 22 番ポートで待ち受けてたけれど
こんだけアクセスがあるならポート番号変えようかなー。
まぁ一時しのぎにしかならないと思うけど。。。
メールサーバにも変なコネクションがたくさんくるし、困ったもんだ。。。