A colleague received an email from the hosting provider saying:

Dear Customer,

Recent network security audits have detected some issues on your
instances. Please review the following reports and help us to ensure
the security of our network:

== Portmapper servers ==

Portmapper is a service usually used with NFS. When this is not
properly firewalled, it can be abused to conduct DDOS attacks. We
recommend that all portmapper services be behind a firewall, and
restricted to only IPs that need to contact them.

For Linux machines, please add firewall rules to block port 111 on
both UDP and TCP:

    iptables -I INPUT 1 -m tcp -p tcp --dport 111 -j DROP
    iptables -I INPUT 1 -m udp -p udp --dport 111 -j DROP

Please see https://blog.cloudflare.com/reflections-on-reflections/ for
more information on reflection attacks.

The following IPs have been detected running open portmapper servers:
149.28.224.51:1
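
The email asks for port 111 to be restricted to the IPs that need it, while the two rules it gives drop everyone. The script below is an added example, not part of the email or the provider's tooling: it finds non-loopback listeners on port 111 in `ss -H -lntu` output and prints an allowlist-then-drop rule set. The function names, the sample socket list and the address 192.0.2.10 are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit for an exposed portmapper and emit allowlist rules.

# Constructed sample of `ss -H -lntu` output (not taken from a real host).
SAMPLE_SS='udp UNCONN 0 0 0.0.0.0:111 0.0.0.0:*
udp UNCONN 0 0 127.0.0.1:323 0.0.0.0:*
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
tcp LISTEN 0 128 127.0.0.1:111 0.0.0.0:*
tcp LISTEN 0 128 [::]:111 [::]:*'

# Read `ss -H -lntu` lines on stdin and print "proto local-address" for
# every socket on port 111 that is not bound to loopback only.
exposed_portmapper() {
    awk '$5 ~ /:111$/ && $5 !~ /^127\./ && $5 !~ /^\[::1\]/ { print $1, $5 }'
}

# Print iptables commands that let the given source IPs reach port 111 and
# drop everyone else. The DROP rules come first on purpose: every
# `-I INPUT 1` pushes the earlier rules down, so the ACCEPT rules inserted
# afterwards end up above the DROP rules.
# IPv4 only, like the email; an IPv6 listener needs the same rules in ip6tables.
gen_rules() {
    for proto in tcp udp; do
        echo "iptables -I INPUT 1 -m $proto -p $proto --dport 111 -j DROP"
    done
    for ip in "$@"; do
        for proto in tcp udp; do
            echo "iptables -I INPUT 1 -s $ip -m $proto -p $proto --dport 111 -j ACCEPT"
        done
    done
}

# Demo on the constructed sample. On a real host: ss -H -lntu | exposed_portmapper
printf '%s\n' "$SAMPLE_SS" | exposed_portmapper
# 192.0.2.10 is a placeholder for an NFS client that needs access.
gen_rules 192.0.2.10
```

Review the printed commands before running them as root. If nothing on the host uses NFS, stopping the portmapper service removes the listener altogether.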