Linux Port 80 Under Malicious Attack (Linux port 80)

Recently, I was informed by my production administrator that one of my Linux systems was subjected to a malicious attack on port 80. By carefully analyzing my system logs, I was able to infer that someone was attempting to gain access to this Linux system and that the attack had been ongoing for some time.

When I first discovered the attack, I took immediate action to protect and secure my system. I verified that the firewall was up-to-date and was properly configured to lock down port 80 on the affected Linux system. Next, I used the following iptables command to drop all traffic coming from sources other than my trusted networks:

iptables -A INPUT -p tcp --dport 80 ! -s xx.xx.xx.xx -j DROP
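
A single negated source like the iptables rule above covers only one trusted address, and `-A` appends it after any earlier ACCEPT for port 80. The sketch below is an added example, not part of the original post: it generates an allowlist chain for several trusted networks in `iptables-restore` format, and the chain name and documentation-range networks are assumptions.

```shell
#!/bin/sh
# Added example (not the author's script). CHAIN and the networks passed in
# are assumptions; 192.0.2.0/24 and 198.51.100.0/24 are documentation ranges.
CHAIN="WEB80_ALLOW"   # hypothetical chain name

# Succeed only if $1 is a dotted-quad IPv4 address with an optional /0-32 prefix.
valid_cidr() {
    case $1 in ''|*[!0-9./]*) return 1 ;; esac
    addr=${1%/*}
    case $1 in */*) bits=${1#*/} ;; *) bits=32 ;; esac
    case $bits in ''|*[!0-9]*) return 1 ;; esac
    [ "$bits" -le 32 ] || return 1
    case $addr in .*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr          # split the address into its octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in '') return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print an iptables-restore fragment for the trusted networks given as
# arguments. Nothing is printed unless every argument validates, so a typo
# cannot produce a half-built ruleset.
build_rules() {
    [ $# -gt 0 ] || { echo "no trusted networks given" >&2; return 1; }
    for net in "$@"; do
        valid_cidr "$net" || { echo "bad network: $net" >&2; return 1; }
    done
    echo "*filter"
    echo ":$CHAIN - [0:0]"
    # -I INPUT 1 places the jump first, so an earlier ACCEPT cannot shadow it.
    echo "-I INPUT 1 -p tcp --dport 80 -j $CHAIN"
    for net in "$@"; do
        echo "-A $CHAIN -s $net -j ACCEPT"
    done
    # Anything that reached this point came from an untrusted source.
    echo "-A $CHAIN -j DROP"
    echo "COMMIT"
}
```

As root, load the output with `build_rules 192.0.2.0/24 198.51.100.7 | iptables-restore --noflush`; running it a second time inserts a second jump into INPUT.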

At this point, I also disabled external access to port 80 on the Linux system by using the following UFW command:

ufw deny 80/tcp

However, I was still concerned that someone may have been able to gain access to the system before I had taken these precautions. To determine if any objects or files had been tampered with, I ran a series of integrity scans using the AIDE tool. The scans uncovered some suspicious behavior, indicating that the attacker may have been attempting to exploit a known vulnerability in the system.

To prevent the attacker from further infiltrating my system, I patched the system with the latest security updates and also performed a malware scan, using an updated and trusted anti-malware program. Additionally, I changed all user credentials to ensure that the attacker would no longer have access to the system.

Finally, to ensure that there are no further attacks, I implemented a comprehensive intrusion detection system (IDS) on the affected Linux system. This will monitor all incoming and outgoing traffic and alert me whenever suspicious activity is detected. Additionally, I have set up regular system scans and vulnerability checks to help me detect any potential security threats in the future.

At this time, my Linux system appears to be safe and secure from any further malicious attacks on port 80. Through my knowledge of the system, swift action, and proper tools, I was able to mitigate and prevent serious damage to the system.

Article URL: http://www.shufengxianlan.com/qtweb/news10/341560.html