Linux 修改SSH默认端口,MySQL设置只能本机访问

作者: Luan 分类: 学习笔记 发布时间: 2017-03-28 22:39

最近发现服务器被很多人爆破,很烦。。

我用的是有流量限制的VPS,为了减少流量使用,决定改改默认的端口,顺便还能增强安全性?

Host 'lu4n.com' resolved to 162.159.210.53.
Connecting to 162.159.210.53:22...
Connection established.
To escape to local shell, press 'Ctrl+Alt+]'.

Last failed login: Tue Mar 28 22:06:54 CST 2017 from host-76-203.pool.hiperkom.hu on ssh:notty
There were 1091 failed login attempts since the last successful login.
Last login: Tue Mar 28 19:20:38 2017 from 223.150.114.189
[root@Luan ~]# cd /etc/ssh
[root@Luan ssh]# ls
moduli  ssh_config  ssh_host_ecdsa_key  ssh_host_ecdsa_key.pub  ssh_host_ed25519_key  ssh_host_ed25519_key.pub  ssh_host_rsa_key  ssh_host_rsa_key.pub  sshd_config
[root@Luan ssh]# nano sshd_config 

找到#Port 22,改成Port 2222

[root@Luan ssh]# service sshd restart
Redirecting to /bin/systemctl restart  sshd.service
[root@Luan ssh]# netstat -an
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN   
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:1080            0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN   
tcp        0    248 162.159.210.53:22       223.150.114.189:13844   ESTABLISHED
tcp        0      0 162.159.210.53:22       108.171.107.245:43286   TIME_WAIT  
tcp        0      0 162.159.210.53:22       108.171.107.245:43287   TIME_WAIT  
tcp        0      0 162.159.210.53:1080     122.224.153.122:13064   ESTABLISHED
tcp        0      0 162.159.210.53:1080     122.224.153.122:12909   ESTABLISHED
tcp        0      0 162.159.210.53:1080     122.224.153.122:49067   ESTABLISHED
tcp        0      0 162.159.210.53:1080     122.224.153.122:22977   ESTABLISHED
[root@Luan ssh]# cd /etc/mysql
-bash: cd: /etc/mysql: No such file or directory
[root@Luan ssh]# cd /usr/local/mysql
[root@Luan mysql]# ls
COPYING  INSTALL-BINARY  README  bin  data  docs  include  lib  man  mysql-test  scripts  share  sql-bench  support-files  var
[root@Luan mysql]# find / -name my.cnf
/usr/local/mysql/mysql-test/suite/federated/my.cnf
/usr/local/mysql/mysql-test/suite/rpl/my.cnf
/etc/my.cnf
[root@Luan mysql]# nano /etc/my.cnf

添加一行: bind-address  =  127.0.0.1

[root@Luan mysql]# service mysqld restart
Redirecting to /bin/systemctl restart  mysqld.service
Failed to restart mysqld.service: Unit not found.
[root@Luan mysql]# service mysql restart
Shutting down MySQL.. SUCCESS! 
Starting MySQL.. SUCCESS! 
[root@Luan mysql]# netstat -an
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:1080            0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:2222            0.0.0.0:*               LISTEN    
tcp        0    248 162.159.210.53:22       223.150.114.189:13844   ESTABLISHED 
tcp        0      1 162.159.210.53:80       223.150.114.189:15433   LAST_ACK   
tcp        0      0 162.159.210.53:80       223.150.114.189:15431   ESTABLISHED
tcp        0      0 162.159.210.53:80       223.150.114.189:15426   ESTABLISHED
tcp        0      0 162.159.210.53:1080     122.224.153.122:49067   ESTABLISHED
tcp        0      0 162.159.210.53:1080     122.224.153.122:13064   ESTABLISHED
tcp        0      0 162.159.210.53:1080     122.224.153.122:12909   ESTABLISHED
tcp        0      0 162.159.210.53:1080     122.224.153.122:22977   ESTABLISHED
[root@Luan mysql]#

如果觉得我的文章对您有用,请随意打赏。您的支持将鼓励我继续创作!

一条评论
  • insurance gadgets

    2017年4月24日 上午1:03

    I enjoy this website – its so usefull and helpfull.

发表评论