防火墙关了，然后被攻击了吗？大神帮看看日志

wjg***

本帖最后由 wjg2539 于 2023-7-31 19:48 编辑

Jul 31 13:23:44 dropbear[8517]: Exit before auth: Exited normally

Jul 31 13:50:52 dropbear[14727]: Child connection from 143.64.34.225:50068
Jul 31 13:50:54 dropbear[14727]: Exit before auth: Exited normally
Jul 31 14:13:10 dropbear[19805]: Child connection from 89.248.163.219:50742
Jul 31 14:13:20 dropbear[19805]: Exit before auth: Exited normally
Jul 31 14:25:11 dropbear[22516]: Child connection from 175.210.11.221:60552
Jul 31 14:25:14 dropbear[22516]: Login attempt for nonexistent user from 175.210.11.221:60552
Jul 31 14:25:18 dropbear[22516]: Exit before auth: Exited normally
Jul 31 14:41:40 dropbear[6268]: Child connection from 143.64.34.225:45826
Jul 31 14:41:41 dropbear[26268]: Exit before auth: Exited normally
Jul 31 14:49:35 dropbear[28034]: Child connection from 167.71.17.68:56876
Jul 31 14:49:35 dropbear[28034]: Exit before auth: Exited normally
Jul 31 14:56:14 JDC-1: wif_control: ifname: apcli0, isup: 0
Jul 31 14:56:14 JDC-1: wif_control: ifname: wds3, isup: 0
Jul 31 14:56:14 JDC-1: wif_control: ifname: wds2, isup: 0
Jul 31 14:56:14 JDC-1: wif_control: ifname: wds1, isup: 0
Jul 31 14:56:14 JDC-1: wif_control: ifname: wds0, isup: 0
Jul 31 14:56:14 JDC-1: wif_control: ifname: ra1, isup: 0
Jul 31 14:56:14 JDC-1: wif_control: ifname: ra0, isup: 0
Jul 31 14:56:14 JDC-1: wif_control: ifname: ra0, isup: 1
Jul 31 14:56:14 kernel: [ 8967.868000] load_dev_l1profile()-->
Jul 31 14:56:14 kernel: [ 8967.895000] l1set_profile_path() profile remain /etc/Wireless/RT2860/RT2860AP.dat
Jul 31 14:56:14 kernel: [ 8967.903000] l1set_eeprom_offset() eeprom offset remain 0x0
Jul 31 14:56:14 kernel: [ 8967.908000] l1set_eeprom_size() eeprom size remain 0x200
Jul 31 14:56:14 kernel: [ 8967.914000] l1set_ifname() ifname rename from ra0 to ra
Jul 31 14:56:14 kernel: [ 8967.919000] l1set_ifname() ifname remain ra
Jul 31 14:56:14 kernel: [ 8967.923000] l1set_ifname() ifname remain ra
Jul 31 14:56:14 kernel: [ 8967.928000] l1set_ifname() ifname remain wds
Jul 31 14:56:14 kernel: [ 8967.932000] l1set_ifname() ifname remain apcli
Jul 31 14:56:14 kernel: [ 8967.937000] TX_BCN DESC bb3f6000 size = 320
Jul 31 14:56:14 kernel: [ 8967.941000] RX[0] DESC bb3f8000 size = 2048
Jul 31 14:56:14 kernel: [ 8967.946000] RX[1] DESC bb3f9000 size = 2048
Jul 31 14:56:14 kernel: [ 8967.954000] E2pAccessMode=2
Jul 31 14:56:14 kernel: [ 8967.957000] cfg_mode=7
Jul 31 14:56:14 kernel: [ 8967.960000] cfg_mode=7
Jul 31 14:56:14 kernel: [ 8967.962000] wmode_band_equal(): Band Equal!
Jul 31 14:56:14 kernel: [ 8968.085000] Key1Str is Invalid key length(0) or Type(0)
Jul 31 14:56:14 kernel: [ 8968.091000] Key1Str is Invalid key length(0) or Type(0)
Jul 31 14:56:14 kernel: [ 8968.096000] Key2Str is Invalid key length(0) or Type(0)
Jul 31 14:56:14 kernel: [ 8968.102000] Key2Str is Invalid key length(0) or Type(0)
Jul 31 14:56:14 kernel: [ 8968.107000] Key3Str is Invalid key length(0) or Type(0)
Jul 31 14:56:14 kernel: [ 8968.113000] Key3Str is Invalid key length(0) or Type(0)
Jul 31 14:56:14 kernel: [ 8968.119000] Key4Str is Invalid key length(0) or Type(0)
Jul 31 14:56:14 kernel: [ 8968.124000] Key4Str is Invalid key length(0) or Type(0)
Jul 31 14:56:15 kernel: [ 8968.607000] FW Version:CL173766_R
Jul 31 14:56:15 kernel: [ 8968.611000] FW Build Date:20171110105932
Jul 31 14:56:15 kernel: [ 8968.615000] AsicDMASchedulerInit(): DMA Scheduler Mode=0(LMAC)
Jul 31 14:56:15 kernel: [ 8968.621000] efuse_probe: efuse = 10000002
Jul 31 14:56:15 kernel: [ 8968.625000] RtmpChipOpsEepromHook::e2p_type=2, inf_Type=5
Jul 31 14:56:15 kernel: [ 8968.630000] RtmpEepromGetDefault::e2p_dafault=1
Jul 31 14:56:15 kernel: [ 8968.635000] RtmpChipOpsEepromHook: E2P type(2), E2pAccessMode = 2, E2P default = 1
Jul 31 14:56:15 kernel: [ 8968.643000] NVM is FLASH mode, flash_offset = 0x40000
Jul 31 14:56:15 kernel: [ 8968.648000] 1. Phy Mode = 12
Jul 31 14:56:15 kernel: [ 8968.651000] @@@  NICReadEEPROMParameters : pAd->FWLoad=1
Jul 31 14:56:15 kernel: [ 8968.656000] Country Region from e2p = ffff
Jul 31 14:56:15 kernel: [ 8968.660000] tssi_1_target_pwr_g_band = 19
Jul 31 14:56:15 kernel: [ 8968.665000] 2. Phy Mode = 12
Jul 31 14:56:15 kernel: [ 8968.668000] 3. Phy Mode = 12
Jul 31 14:56:15 kernel: [ 8968.670000] NICInitPwrPinCfg(14): Not support for HIF_MT yet!
Jul 31 14:56:15 kernel: [ 8968.676000] NICInitializeAsic(588): Not support rtmp_mac_sys_reset () for HIF_MT yet!
Jul 31 14:56:15 kernel: [ 8968.684000] mt_mac_init()-->
Jul 31 14:56:15 kernel: [ 8968.687000] mt7603_init_mac_cr()-->
Jul 31 14:56:15 kernel: [ 8968.691000] AsicSetMacMaxLen(1907): Set the Max RxPktLen=1024!
Jul 31 14:56:15 kernel: [ 8968.697000] <--mt_mac_init()
Jul 31 14:56:15 kernel: [ 8968.700000]       WTBL Segment 1 info:
Jul 31 14:56:15 kernel: [ 8968.703000]                MemBaseAddr/FID:0x28000/0
Jul 31 14:56:15 kernel: [ 8968.707000]                EntrySize/Cnt:32/128
Jul 31 14:56:15 kernel: [ 8968.710000]       WTBL Segment 2 info:
Jul 31 14:56:15 kernel: [ 8968.714000]                MemBaseAddr/FID:0x40000/0
Jul 31 14:56:15 kernel: [ 8968.718000]                EntrySize/Cnt:64/128
Jul 31 14:56:15 kernel: [ 8968.721000]       WTBL Segment 3 info:
Jul 31 14:56:15 kernel: [ 8968.724000]                MemBaseAddr/FID:0x42000/64
Jul 31 14:56:15 kernel: [ 8968.728000]                EntrySize/Cnt:64/128
Jul 31 14:56:15 kernel: [ 8968.732000]       WTBL Segment 4 info:
Jul 31 14:56:15 kernel: [ 8968.735000]                MemBaseAddr/FID:0x44000/128
Jul 31 14:56:15 kernel: [ 8968.739000]                EntrySize/Cnt:32/128
Jul 31 14:56:15 kernel: [ 8968.742000] AntCfgInit(2689): Not support for HIF_MT yet!
Jul 31 14:56:15 kernel: [ 8968.748000] RTMPSetPhyMode(): channel out of range, use first ch=0
Jul 31 14:56:15 kernel: [ 8968.754000] MCS Set = ff ff 00 00 01
Jul 31 14:56:21 kernel: [ 8975.155000] =====================================================
Jul 31 14:56:21 kernel: [ 8975.161000] Channel 1 : Dirty = 430, False CCA = 0, Busy Time = 7988, Skip Channel = FALSE
Jul 31 14:56:21 kernel: [ 8975.169000] Channel 2 : Dirty = 362, False CCA = 0, Busy Time = 4675, Skip Channel = FALSE
Jul 31 14:56:22 kernel: [ 8975.178000] Channel 3 : Dirty = 372, False CCA = 0, Busy Time = 3796, Skip Channel = FALSE
Jul 31 14:56:22 kernel: [ 8975.186000] Channel 4 : Dirty = 340, False CCA = 0, Busy Time = 1153, Skip Channel = FALSE
Jul 31 14:56:22 kernel: [ 8975.194000] Channel 5 : Dirty = 396, False CCA = 0, Busy Time = 2860, Skip Channel = FALSE
Jul 31 14:56:22 kernel: [ 8975.203000] Channel 6 : Dirty = 494, False CCA = 0, Busy Time = 12699, Skip Channel = FALSE
Jul 31 14:56:22 kernel: [ 8975.211000] Channel 7 : Dirty = 336, False CCA = 0, Busy Time = 5893, Skip Channel = FALSE
Jul 31 14:56:22 kernel: [ 8975.219000] Channel 8 : Dirty = 354, False CCA = 0, Busy Time = 4982, Skip Channel = FALSE
Jul 31 14:56:22 kernel: [ 8975.228000] Channel 9 : Dirty = 458, False CCA = 0, Busy Time = 8766, Skip Channel = FALSE
Jul 31 14:56:22 kernel: [ 8975.236000] Channel 10 : Dirty = 312, False CCA = 0, Busy Time = 18988, Skip Channel = FALSE
Jul 31 14:56:22 kernel: [ 8975.244000] Channel 11 : Dirty = 276, False CCA = 0, Busy Time = 25595, Skip Channel = FALSE
Jul 31 14:56:22 kernel: [ 8975.253000] Channel 12 : Dirty = 188, False CCA = 0, Busy Time = 1882, Skip Channel = FALSE
Jul 31 14:56:22 kernel: [ 8975.261000] Channel 13 : Dirty = 186, False CCA = 0, Busy Time = 1533, Skip Channel = FALSE
Jul 31 14:56:22 kernel: [ 8975.270000] =====================================================
Jul 31 14:56:22 kernel: [ 8975.276000] Rule 1 CCA value : Min Dirtiness (Include extension channel) ==> Select Channel 12
Jul 31 14:56:22 kernel: [ 8975.285000] Min Dirty = 542
Jul 31 14:56:22 kernel: [ 8975.288000] ExChannel = 8 , 0
Jul 31 14:56:22 kernel: [ 8975.291000] BW       = 40
Jul 31 14:56:22 kernel: [ 8975.407000] AsicSetRalinkBurstMode(4325): Not support for HIF_MT yet!
Jul 31 14:56:22 kernel: [ 8975.414000] RTMPSetPiggyBack(943): Not support for HIF_MT yet!
Jul 31 14:56:22 kernel: [ 8975.426000] AsicSetTxPreamble(4312): Not support for HIF_MT yet!
Jul 31 14:56:22 kernel: [ 8975.435000] AsicSetPreTbtt(): bss_idx=0, PreTBTT timeout = 0xa0
Jul 31 14:56:22 kernel: [ 8975.441000] Main bssid = dc:d8:7c:12:54:c8
Jul 31 14:56:22 kernel: [ 8975.445000] <==== rt28xx_init, Status=0
Jul 31 14:56:22 kernel: [ 8975.449000] @@@ ed_monitor_exit : ===>
Jul 31 14:56:22 kernel: [ 8975.453000] @@@ ed_monitor_exit : <===
Jul 31 14:56:22 kernel: [ 8975.457000] mt7603_set_ed_cca: TURN OFF EDCCA  mac 0x10618 = 0x8564267c, EDCCA_Status=0
Jul 31 14:56:22 kernel: [ 8975.465000] WiFi Startup Cost (ra0): 7.597s
Jul 31 14:56:22 kernel: [ 8975.488000] device ra0 entered promiscuous mode
Jul 31 14:56:22 kernel: [ 8975.493000] br0: port 3(ra0) entered listening state
Jul 31 14:56:22 kernel: [ 8975.498000] br0: port 3(ra0) entered listening state
Jul 31 14:56:22 net_wifi: iwpriv ra0 set KickStaRssiLow=0
Jul 31 14:56:22 net_wifi: iwpriv ra0 set AssocReqRssiThres=0
Jul 31 14:56:37 kernel: [ 8990.528000] br0: port 3(ra0) entered learning state
Jul 31 14:56:52 kernel: [ 9005.536000] br0: topology change detected, propagating
Jul 31 14:56:52 kernel: [ 9005.541000] br0: port 3(ra0) entered forwarding state
:
Jul 31 15:20:39 dropbear[2839]: Child connection from 104.152.52.243:48007
Jul 31 15:20:40 dropbear[2839]: Exit before auth: Exited normally
Jul 31 15:37:21 kernel: [11435.007000] ICV Error
Jul 31 15:37:21 kernel: [11435.009000] RMAC_RXD Header Format :RxNormal
Jul 31 15:37:21 kernel: [11435.014000] ICV Error
Jul 31 15:37:21 kernel: [11435.016000] RMAC_RXD Header Format :RxNormal
Jul 31 15:37:21 kernel: [11435.020000] ICV Error
Jul 31 15:37:21 kernel: [11435.023000] RMAC_RXD Header Format :RxNormal
Jul 31 15:37:21 kernel: [11435.027000] ICV Error
Jul 31 15:37:21 kernel: [11435.029000] RMAC_RXD Header Format :RxNormal
Jul 31 15:37:21 kernel: [11435.033000] ICV Error
Jul 31 15:37:21 kernel: [11435.036000] RMAC_RXD Header Format :RxNormal
Jul 31 15:37:21 kernel: [11435.040000] ICV Error
Jul 31 15:37:21 kernel: [11435.042000] RMAC_RXD Header Format :RxNormal
Jul 31 15:37:21 kernel: [11435.046000] ICV Error
Jul 31 15:37:21 kernel: [11435.049000] RMAC_RXD Header Format :RxNormal
Jul 31 15:37:21 kernel: [11435.053000] ICV Error
Jul 31 15:37:21 kernel: [11435.055000] RMAC_RXD Header Format :RxNormal
Jul 31 15:37:21 kernel: [11435.059000] ICV Error
Jul 31 15:37:21 kernel: [11435.062000] RMAC_RXD Header Format :RxNormal
Jul 31 15:37:21 kernel: [11435.066000] ICV Error
Jul 31 15:37:21 kernel: [11435.068000] RMAC_RXD Header Format :RxNormal
Jul 31 15:37:21 kernel: [11435.073000] ICV Error
Jul 31 15:37:21 kernel: [11435.075000] RMAC_RXD Header Format :RxNormal
Jul 31 15:37:21 kernel: [11435.079000] ICV Error
Jul 31 15:37:21 kernel: [11435.081000] RMAC_RXD Header Format :RxNormal
Jul 31 15:37:21 kernel: [11435.086000] ICV Error
Jul 31 15:37:21 kernel: [11435.088000] RMAC_RXD Header Format :RxNormal
Jul 31 15:37:21 kernel: [11435.092000] ICV Error
Jul 31 15:37:21 kernel: [11435.094000] RMAC_RXD Header Format :RxNormal
Jul 31 15:37:21 kernel: [11435.099000] ICV Error
Jul 31 15:37:21 kernel: [11435.101000] RMAC_RXD Header Format :RxNormal
Jul 31 15:37:21 kernel: [11435.105000] ICV Error
Jul 31 15:37:21 kernel: [11435.107000] RMAC_RXD Header Format :RxNormal
Jul 31 15:37:21 kernel: [11435.112000] ICV Error
Jul 31 15:37:21 kernel: [11435.114000] RMAC_RXD Header Format :RxNormal
Jul 31 15:37:21 kernel: [11435.118000] ICV Error
Jul 31 15:37:21 kernel: [11435.121000] RMAC_RXD Header Format :RxNormal
Jul 31 15:37:21 kernel: [11435.125000] ICV Error
Jul 31 15:37:21 kernel: [11435.127000] RMAC_RXD Header Format :RxNormal
Jul 31 15:37:21 kernel: [11435.131000] ICV Error
Jul 31 15:37:21 kernel: [11435.134000] RMAC_RXD Header Format :RxNormal
Jul 31 15:37:21 kernel: [11435.138000] ICV Error
Jul 31 15:37:21 kernel: [11435.140000] RMAC_RXD Header Format :RxNormal
Jul 31 15:37:34 JDC-1: wif_control: ifname: apcli0, isup: 0
Jul 31 15:37:34 JDC-1: wif_control: ifname: wds3, isup: 0
Jul 31 15:37:35 JDC-1: wif_control: ifname: wds2, isup: 0
Jul 31 15:37:35 JDC-1: wif_control: ifname: wds1, isup: 0
Jul 31 15:37:35 JDC-1: wif_control: ifname: wds0, isup: 0
Jul 31 15:37:35 JDC-1: wif_control: ifname: ra1, isup: 0
Jul 31 15:37:35 JDC-1: wif_control: ifname: ra0, isup: 0
Jul 31 15:37:35 kernel: [11448.215000] MTPciPollTxRxEmpty
Jul 31 15:37:35 kernel: [11448.841000] AsicSetPreTbtt(): bss_idx=0, PreTBTT timeout = 0x0
Jul 31 15:37:35 kernel: [11448.847000] RTMPSetPiggyBack(943): Not support for HIF_MT yet!
Jul 31 15:37:35 kernel: [11448.858000] RT28xxPciAsicRadioOff(): Not support for HIF_MT yet!
Jul 31 15:37:35 kernel: [11448.864000] RTMPDrvClose call RT28xxPciAsicRadioOff fail !!
Jul 31 15:37:35 kernel: [11448.870000] tx_kickout_fail_count = 0
Jul 31 15:37:35 kernel: [11448.873000] tx_timeout_fail_count = 0
Jul 31 15:37:35 kernel: [11448.877000] rx_receive_fail_count = 0
Jul 31 15:37:35 kernel: [11448.881000] alloc_cmd_msg = 9073
Jul 31 15:37:35 kernel: [11448.884000] free_cmd_msg = 9073
Jul 31 15:37:35 kernel: [11448.904000] br0: port 3(ra0) entered disabled state
Jul 31 15:37:35 kernel: [11448.919000] device ra0 left promiscuous mode
Jul 31 15:37:35 kernel: [11448.924000] br0: port 3(ra0) entered disabled state
Jul 31 16:08:16 dropbear[13685]: Child connection from 134.209.150.210:57712
Jul 31 16:08:17 dropbear[13685]: Exit before auth: Exited normally
Jul 31 16:20:09 dropbear[16401]: Child connection from 185.224.128.142:57774
Jul 31 16:20:14 dropbear[16401]: Exit before auth: Exited normally
Jul 31 16:20:15 dropbear[16402]: Child connection from 185.224.128.142:39966
Jul 31 16:20:43 dropbear[16402]: Login attempt for nonexistent user from 185.224.128.142:39966
Jul 31 16:20:59 dropbear[16402]: Exit before auth: Exited normally
Jul 31 16:20:59 dropbear[16592]: Child connection from 185.224.128.142:56034
Jul 31 16:21:07 dropbear[16592]: Exit before auth: Exited normally
Jul 31 16:21:07 dropbear[16625]: Child connection from 185.224.128.142:56090
Jul 31 16:21:31 dropbear[16625]: Login attempt for nonexistent user from 185.224.128.142:56090
Jul 31 16:21:48 dropbear[16625]: Exit before auth: Exited normally
Jul 31 16:21:48 dropbear[16783]: Child connection from 185.224.128.142:47068
Jul 31 16:21:56 dropbear[16783]: Exit before auth: Exited normally
Jul 31 16:21:56 dropbear[16784]: Child connection from 185.224.128.142:36540
Jul 31 16:22:04 dropbear[16784]: Exit before auth: Exited normally
Jul 31 16:22:04 dropbear[16817]: Child connection from 185.224.128.142:40512
Jul 31 16:22:12 dropbear[16817]: Exit before auth: Exited normally
Jul 31 16:22:12 dropbear[16879]: Child connection from 185.224.128.142:59532
Jul 31 16:22:40 dropbear[16879]: Login attempt for nonexistent user from 185.224.128.142:59532
Jul 31 16:22:54 dropbear[17008]: Child connection from 185.224.128.142:53376
Jul 31 16:22:54 dropbear[16879]: Exit before auth: Exited normally
Jul 31 16:23:01 dropbear[17008]: Exit before auth: Exited normally
Jul 31 16:23:02 dropbear[17070]: Child connection from 185.224.128.142:42438
Jul 31 16:23:09 dropbear[17070]: Exit before auth: Exited normally
Jul 31 16:23:10 dropbear[17103]: Child connection from 185.224.128.142:59160
Jul 31 16:23:34 dropbear[17103]: Login attempt for nonexistent user from 185.224.128.142:59160
Jul 31 16:23:49 dropbear[17103]: Exit before auth: Exited normally
Jul 31 16:23:49 dropbear[17261]: Child connection from 185.224.128.142:33712
Jul 31 16:23:58 dropbear[17261]: Exit before auth: Exited normally
Jul 31 16:23:58 dropbear[17294]: Child connection from 185.224.128.142:33734
Jul 31 16:24:06 dropbear[17294]: Exit before auth: Exited normally
Jul 31 16:24:06 dropbear[17295]: Child connection from 185.224.128.142:49420
Jul 31 16:24:14 dropbear[17295]: Exit before auth: Exited normally
Jul 31 16:24:14 dropbear[17328]: Child connection from 185.224.128.142:53844
Jul 31 16:24:43 dropbear[17328]: Login attempt for nonexistent user from 185.224.128.142:53844
Jul 31 16:24:59 dropbear[17328]: Exit before auth: Exited normally
Jul 31 16:24:59 dropbear[17518]: Child connection from 185.224.128.142:41592
Jul 31 16:25:06 dropbear[17518]: Exit before auth: Exited normally
Jul 31 16:25:07 dropbear[17519]: Child connection from 185.224.128.142:41626
Jul 31 16:25:14 dropbear[17519]: Exit before auth: Exited normally
Jul 31 16:25:15 dropbear[17552]: Child connection from 185.224.128.142:36476
Jul 31 16:25:43 dropbear[17552]: Login attempt for nonexistent user from 185.224.128.142:36476
Jul 31 16:25:56 dropbear[17710]: Child connection from 185.224.128.142:41550
Jul 31 16:25:56 dropbear[17552]: Exit before auth: Exited normally
Jul 31 16:26:04 dropbear[17710]: Exit before auth: Exited normally
Jul 31 16:26:04 dropbear[17743]: Child connection from 185.224.128.142:40806
Jul 31 16:26:12 dropbear[17743]: Exit before auth: Exited normally
Jul 31 16:26:12 dropbear[17776]: Child connection from 185.224.128.142:45240
Jul 31 16:26:38 dropbear[17776]: Login attempt for nonexistent user from 185.224.128.142:45240
Jul 31 16:26:52 dropbear[17776]: Exit before auth: Exited normally
Jul 31 16:26:52 dropbear[17934]: Child connection from 185.224.128.142:36874
Jul 31 16:27:00 dropbear[17934]: Exit before auth: Exited normally
Jul 31 16:27:02 dropbear[17967]: Child connection from 185.224.128.142:51880
Jul 31 16:27:10 dropbear[17967]: Exit before auth: Exited normally
Jul 31 16:27:10 dropbear[18029]: Child connection from 185.224.128.142:51984
Jul 31 16:27:18 dropbear[18029]: Exit before auth: Exited normally
Jul 31 16:27:18 dropbear[18062]: Child connection from 185.224.128.142:52018
Jul 31 16:27:51 dropbear[18062]: Bad password attempt for 'admin' from 185.224.128.142:52018
Jul 31 16:28:02 dropbear[18062]: Exit before auth (user 'admin', 1 fails): Exited normally
Jul 31 16:28:02 dropbear[18220]: Child connection from 185.224.128.142:34666
Jul 31 16:28:10 dropbear[18220]: Exit before auth: Exited normally
Jul 31 16:28:10 dropbear[18253]: Child connection from 185.224.128.142:54968
Jul 31 16:28:18 dropbear[18253]: Exit before auth: Exited normally
Jul 31 16:28:18 dropbear[18286]: Child connection from 185.224.128.142:55006
Jul 31 16:28:49 dropbear[18286]: Login attempt for nonexistent user from 185.224.128.142:55006
Jul 31 16:29:06 dropbear[18286]: Exit before auth: Exited normally
Jul 31 16:29:06 dropbear[18444]: Child connection from 185.224.128.142:56980
Jul 31 16:29:14 dropbear[18444]: Exit before auth: Exited normally
Jul 31 16:29:14 dropbear[18477]: Child connection from 185.224.128.142:52186
Jul 31 16:29:38 dropbear[18603]: Child connection from 121.239.102.26:35056
Jul 31 16:29:38 dropbear[18603]: Exit before auth: Exited normally
Jul 31 16:29:38 dropbear[18477]: Login attempt for nonexistent user from 185.224.128.142:52186
Jul 31 16:29:54 dropbear[18477]: Exit before auth: Exited normally
Jul 31 16:29:54 dropbear[18636]: Child connection from 185.224.128.142:48022
Jul 31 16:30:02 dropbear[18636]: Exit before auth: Exited normally
Jul 31 16:30:02 dropbear[18669]: Child connection from 185.224.128.142:36156
Jul 31 16:30:10 dropbear[18669]: Exit before auth: Exited normally
Jul 31 16:30:10 dropbear[18702]: Child connection from 185.224.128.142:59726
Jul 31 16:30:18 dropbear[18702]: Exit before auth: Exited normally
Jul 31 17:17:33 dropbear[29448]: Child connection from 180.100.74.196:48795
Jul 31 17:17:34 dropbear[29448]: Login attempt for nonexistent user from 180.100.74.196:48795
Jul 31 17:17:34 dropbear[29448]: Exit before auth: Disconnect received
Jul 31 17:34:58 dropbear[976]: Child connection from 220.78.241.152:41838
Jul 31 17:35:03 dropbear[976]: Login attempt for nonexistent user from 220.78.241.152:41838
Jul 31 17:35:08 dropbear[976]: Exit before auth: Max auth tries reached - user 'is invalid' from 220.78.241.152:41838
Jul 31 17:35:54 dropbear[1166]: Child connection from 180.100.74.196:46468
Jul 31 17:35:55 dropbear[1166]: Login attempt for nonexistent user from 180.100.74.196:46468
Jul 31 17:35:55 dropbear[1166]: Exit before auth: Disconnect received
Jul 31 17:59:34 dropbear[6535]: Child connection from 211.229.73.221:52573
Jul 31 17:59:38 dropbear[6535]: Password auth succeeded for 'admin' from 211.229.73.221:52573
Jul 31 18:01:48 dropbear[6535]: Exit (admin): Error writing: Connection reset by peer
Jul 31 18:10:46 dropbear[9098]: Child connection from 45.129.14.51:52316
Jul 31 18:10:48 dropbear[9098]: Login attempt for nonexistent user from 45.129.14.51:52316
Jul 31 18:10:57 dropbear[9098]: Exit before auth: Exited normally
Jul 31 18:30:46 dropbear[13643]: Child connection from 170.64.171.164:59238
Jul 31 18:30:46 dropbear[13643]: Exit before auth: Exited normally
Jul 31 18:30:57 dropbear[13708]: Child connection from 121.177.70.228:54403
Jul 31 18:31:00 dropbear[13708]: Password auth succeeded for 'admin' from 121.177.70.228:54403
Jul 31 18:31:03 dropbear[13708]: Exit (admin): Error writing: Connection reset by peer
Jul 31 18:44:24 dropbear[16751]: Child connection from 58.59.90.50:35632
Jul 31 18:44:34 dropbear[16751]: Exit before auth: Exited normally
Jul 31 18:47:37 dropbear[17480]: Child connection from 222.213.236.234:45046
Jul 31 18:47:38 dropbear[17480]: Login attempt for nonexistent user from 222.213.236.234:45046
Jul 31 18:47:38 dropbear[17480]: Exit before auth: Exited normally
Jul 31 18:49:28 dropbear[17923]: Child connection from 222.213.236.234:38608
Jul 31 18:49:29 dropbear[17923]: Login attempt for nonexistent user from 222.213.236.234:38608
Jul 31 18:49:30 dropbear[17923]: Exit before auth: Exited normally
Jul 31 18:51:30 dropbear[18395]: Child connection from 222.213.236.234:34832
Jul 31 18:51:31 dropbear[18395]: Login attempt for nonexistent user from 222.213.236.234:34832
Jul 31 18:51:31 dropbear[18395]: Exit before auth: Exited normally
Jul 31 18:53:13 dropbear[18776]: Child connection from 222.213.236.234:33676
Jul 31 18:53:15 dropbear[18776]: Login attempt for nonexistent user from 222.213.236.234:33676
Jul 31 18:53:15 dropbear[18776]: Exit before auth: Exited normally
Jul 31 18:55:02 dropbear[19189]: Child connection from 222.213.236.234:44356
Jul 31 18:55:03 dropbear[19189]: Login attempt for nonexistent user from 222.213.236.234:44356
Jul 31 18:55:03 dropbear[19189]: Exit before auth: Exited normally
Jul 31 18:55:37 dropbear[19347]: Child connection from 193.142.146.214:60906
Jul 31 18:55:38 dropbear[19347]: Password auth succeeded for 'admin' from 193.142.146.214:60906
Jul 31 18:55:43 dropbear[19347]: Exit (admin): Exited normally
Jul 31 18:56:47 dropbear[19657]: Child connection from 222.213.236.234:60806
Jul 31 18:56:48 dropbear[19657]: Login attempt for nonexistent user from 222.213.236.234:60806
Jul 31 18:56:49 dropbear[19657]: Exit before auth: Exited normally
Jul 31 18:58:45 dropbear[20100]: Child connection from 222.213.236.234:41004
Jul 31 18:58:46 dropbear[20100]: Login attempt for nonexistent user from 222.213.236.234:41004
Jul 31 18:58:46 dropbear[20100]: Exit before auth: Exited normally
Jul 31 19:00:43 dropbear[20573]: Child connection from 222.213.236.234:54986
Jul 31 19:00:44 dropbear[20573]: Login attempt for nonexistent user from 222.213.236.234:54986
Jul 31 19:00:45 dropbear[20573]: Exit before auth: Exited normally
Jul 31 19:02:40 dropbear[21016]: Child connection from 222.213.236.234:40214
Jul 31 19:02:41 dropbear[21016]: Login attempt for nonexistent user from 222.213.236.234:40214
Jul 31 19:02:41 dropbear[21016]: Exit before auth: Exited normally
Jul 31 19:04:38 dropbear[21488]: Child connection from 222.213.236.234:39642
Jul 31 19:04:40 dropbear[21488]: Login attempt for nonexistent user from 222.213.236.234:39642
Jul 31 19:04:40 dropbear[21488]: Exit before auth: Exited normally
Jul 31 19:06:39 dropbear[21931]: Child connection from 222.213.236.234:34782
Jul 31 19:06:40 dropbear[21931]: Login attempt for nonexistent user from 222.213.236.234:34782
Jul 31 19:06:40 dropbear[21931]: Exit before auth: Exited normally
Jul 31 19:08:29 dropbear[22342]: Child connection from 222.213.236.234:51956
Jul 31 19:08:30 dropbear[22342]: Login attempt for nonexistent user from 222.213.236.234:51956
Jul 31 19:08:30 dropbear[22342]: Exit before auth: Exited normally
Jul 31 19:10:21 dropbear[22753]: Child connection from 222.213.236.234:57864
Jul 31 19:10:23 dropbear[22753]: Login attempt for nonexistent user from 222.213.236.234:57864
Jul 31 19:10:23 dropbear[22753]: Exit before auth: Exited normally
Jul 31 19:12:27 dropbear[23225]: Child connection from 222.213.236.234:33844
Jul 31 19:12:28 dropbear[23225]: Login attempt for nonexistent user from 222.213.236.234:33844
Jul 31 19:12:28 dropbear[23225]: Exit before auth: Exited normally
Jul 31 19:14:35 dropbear[23702]: Child connection from 222.213.236.234:52476
Jul 31 19:14:36 dropbear[23702]: Login attempt for nonexistent user from 222.213.236.234:52476
Jul 31 19:14:37 dropbear[23702]: Exit before auth: Exited normally
Jul 31 19:16:48 dropbear[24239]: Child connection from 222.213.236.234:50284
Jul 31 19:16:49 dropbear[24239]: Login attempt for nonexistent user from 222.213.236.234:50284
Jul 31 19:16:49 JDC-1: Hardware NAT/Routing: Enabled, IPoE/PPPoE offload [WAN]<->[LAN/WLAN]
Jul 31 19:16:49 JDC-1: Hardware NAT/Routing: IPv4 UDP flow offload - ON
Jul 31 19:16:49 JDC-1: Hardware NAT/Routing: IPv6 routes offload - OFF

wjg***

一开始有几个内核操作代码看不懂，然后后面有几个IP国外的被他登录进后台了，不知道干了什么

amin***

有公网的，首先是改个强密码，避免默认密码，
遇到高手，利用漏洞的，你开着防火墙也一样进来。就是看进来后还能怎么样，放个勒索病毒啥的，或者当肉鸡。

伊***

只是ssh被尝试登陆,没那么玄乎,防火墙开了一刀切是最好的,或者先把wan的80和22端口先封保底裤.

wjg***

aming.ou 发表于 2023-7-31 23:30
有公网的，首先是改个强密码，避免默认密码，
遇到高手，利用漏洞的，你开着防火墙也一样进来。就是看进来 ...

那倒也是我已经重置刷机了

wjg***

伊奈帆发表于 2023-8-1 15:13
只是ssh被尝试登陆,没那么玄乎,防火墙开了一刀切是最好的,或者先把wan的80和22端口先封保底裤. ...

已经重置刷机了

t***

其实没卵用换成真正防火墙而不是这种防不住只能简单对付，小毛贼

账号		自动登录	找回密码
密码			立即注册