黑群晖怎样有效防止暴力破解？

日志经常有人乱撞密码。

层级日志时间用户事件
警告连接 2025/11/10 08:51:49 atempo04 User [atempo04] from [202.150.90.44] failed to sign in to [DSM] via [password] due to authorization failure.
警告连接 2025/11/10 08:49:43 atempo03 User [atempo03] from [220.133.88.81] failed to sign in to [DSM] via [password] due to authorization failure.
警告连接 2025/11/10 08:48:21 atempo02 User [atempo02] from [71.164.83.186] failed to sign in to [DSM] via [password] due to authorization failure.
警告连接 2025/11/10 08:46:18 atempo01 User [atempo01] from [210.175.249.189] failed to sign in to [DSM] via [password] due to authorization failure.
警告连接 2025/11/10 08:44:25 service User [service] from [2.227.240.41] failed to sign in to [DSM] via [password] due to authorization failure.
警告连接 2025/11/10 08:43:05 atempo08 User [atempo08] from [217.174.61.147] failed to sign in to [DSM] via [password] due to authorization failure.

请问有设么方法防止？

S0lution

8 天前

首先建议不要暴露重要服务到公网，必要的话服务一定要修改默认端口

防爆破如果是 ssh 可以尝试 fail2ban ，看 op 日志是 dsm 的且比较频繁，设置里有黑白名单可以设置。登陆还有个封锁设置，设置一个月错三次永久封禁 ip ，或者干脆输错一次密码直接封，自己被封了可以本地登录上去解

再复杂还有双向证书认证之类的，看 op 需求了

这是一个专为移动设备优化的页面（即为了让你能够在 Google 搜索结果里秒开这个页面），如果你希望参与 V2EX 社区的讨论，你可以继续到 V2EX 上打开本讨论主题的完整版本。

https://ex.noerr.eu.org/t/1171601

V2EX 是创意工作者们的社区，是一个分享自己正在做的有趣事物、交流想法，可以遇见新朋友甚至新机会的地方。

V2EX is a community of developers, designers and creative people.