J'ai deux serveurs sur les quels j'ai installé portsentry. J'ai choisi l'option de bannir par iptables, de coup en une nuit portsentry a banni une tonne d'IP.
Ce qui est curieux, ce que sur l'autre serveur (avec la même configuration) je n ai rien de tout ca, voilà un extrat:
DROP all -- 93-173-6-167.bb.netvision.net.il anywhere
DROP all -- dyn-188-175.dynadsl.kis.ru anywhere
DROP all -- static61.11.71-171.dsl-cal.eth.net anywhere
DROP all -- 78.38.171.7 anywhere
DROP all -- crawl-66-249-68-196.googlebot.com anywhere
DROP all -- crawl-66-249-68-181.googlebot.com anywhere
DROP all -- crawl-66-249-68-179.googlebot.com anywhere
DROP all -- crawl-66-249-68-83.googlebot.com anywhere
DROP all -- 95-37-122-107.dynamic.mts-nn.ru anywhere
DROP all -- 93-96-115-211.zone4.bethere.co.uk anywhere
DROP all -- cpc3-pnth2-0-0-cust139.5-2.cable.virginmedia.com anywhere
DROP all -- crawl-66-249-71-104.googlebot.com anywhere
DROP all -- crawl-66-249-71-114.googlebot.com anywhere
DROP all -- 94.59.89.187 anywhere
DROP all -- ec2-184-73-79-154.compute-1.amazonaws.com anywhere
DROP all -- ec2-75-101-200-207.compute-1.amazonaws.com anywhere
DROP all -- ec2-50-16-145-191.compute-1.amazonaws.com anywhere
DROP all -- ec2-75-101-206-234.compute-1.amazonaws.com anywhere
DROP all -- ec2-174-129-104-25.compute-1.amazonaws.com anywhere
DROP all -- ec2-174-129-142-114.compute-1.amazonaws.com anywhere
DROP all -- ec2-72-44-50-28.compute-1.amazonaws.com anywhere
DROP all -- ec2-50-16-94-71.compute-1.amazonaws.com anywhere
DROP all -- ec2-50-17-43-177.compute-1.amazonaws.com anywhere
DROP all -- ec2-50-16-75-91.compute-1.amazonaws.com anywhere
DROP all -- ec2-50-16-105-142.compute-1.amazonaws.com anywhere
DROP all -- ec2-75-101-204-185.compute-1.amazonaws.com anywhere
DROP all -- ec2-184-73-72-155.compute-1.amazonaws.com anywhere
DROP all -- ec2-184-73-5-174.compute-1.amazonaws.com anywhere
DROP all -- c-98-203-246-82.hsd1.wa.comcast.net anywhere
DROP all -- ip-83-134-77-18.dsl.scarlet.be anywhere
DROP all -- 83.103.165.169 anywhere
DROP all -- mother.dimachosting.net anywhere
DROP all -- ll-10.195.170.83.lv.sovam.net.ua anywhere
DROP all -- client-87-247-103-244.inturbo.lt anywhere
DROP all -- 85-113-199-107.ip.yaroslavl.ru anywhere
DROP all -- 65.55.5.137 anywhere
DROP all -- crawl-66-249-68-84.googlebot.com anywhere
DROP all -- crawl-66-249-67-123.googlebot.com anywhere
DROP all -- dnm.78.114.188.95.dsl.krasnet.ru anywhere
DROP all -- dsl88-233-30763.ttnet.net.tr anywhere
DROP all -- 95.66.144.193 anywhere
DROP all -- 95.66.144.190 anywhere
DROP all -- h-67-103-122-122.snfccasy.static.covad.net anywhere
DROP all -- 115.240.22.105 anywhere
DROP all -- 83.170.226.194 anywhere
DROP all -- ABTS-North-Static-054.126.176.122.airtelbroadband.in anywhere
DROP all -- dns0309.your-server.de anywhere
DROP all -- dns01lb.your-server.de anywhere
DROP all -- ABTS-North-Static-058.126.176.122.airtelbroadband.in anywhere
DROP all -- ABTS-North-Static-040.126.176.122.airtelbroadband.in anywhere
DROP all -- crawl-66-249-71-87.googlebot.com anywhere
DROP all -- crawl-66-249-71-65.googlebot.com anywhere
DROP all -- dragaera.releasedominatrix.com anywhere
DROP all -- 172.76.125.74.dail.lz.gs.dynamic.163data.com.cn anywhere
DROP all -- 193.169.22.148 anywhere
DROP all -- host-static-93-116-111-181.moldtelecom.md anywhere
DROP all -- host-93-124-41-248.dsl.sura.ru anywhere
DROP all -- dnsnode4-x4.lsanca.sbcglobal.net anywhere
DROP all -- dnsnode10-x4.lsanca.sbcglobal.net anywhere
DROP all -- dnsnode7-x4.lsanca.sbcglobal.net anywhere
DROP all -- dnsnode5-x4.lsanca.sbcglobal.net anywhere
DROP all -- dnsnode12-x4.lsanca.sbcglobal.net anywhere
DROP all -- dnsnode2-x4.lsanca.sbcglobal.net anywhere
DROP all -- dnsnode11-x4.lsanca.sbcglobal.net anywhere
DROP all -- dnsnode1-x4.lsanca.sbcglobal.net anywhere
DROP all -- dnsnode6-x4.lsanca.sbcglobal.net anywhere
DROP all -- dnsnode9-x4.lsanca.sbcglobal.net anywhere
DROP all -- 207.46.200.39 anywhere
DROP all -- crawl-66-249-68-243.googlebot.com anywhere
DROP all -- crawl-66-249-68-33.googlebot.com anywhere
DROP all -- dsl.static859924243.ttnet.net.tr anywhere
DROP all -- dsl.dynamic8597226236.ttnet.net.tr anywhere
DROP all -- 208.69.59.148 anywhere
DROP all -- host-41.235.211.246.tedata.net anywhere
DROP all -- 65.55.5.138 anywhere
DROP all -- 194.165.149.162 anywhere
DROP all -- 208.20.6.242 anywhere
DROP all -- adsl-74-69-217.aby.bellsouth.net anywhere
DROP all -- crawler5043.ask.com anywhere
DROP all -- 222.47.63.132 anywhere
DROP all -- crawl-66-249-68-59.googlebot.com anywhere
DROP all -- crawl-66-249-68-107.googlebot.com anywhere
DROP all -- 62.175.55.136.dyn.user.ono.com anywhere
DROP all -- dsl85-106-34677.ttnet.net.tr anywhere
DROP all -- 65.55.5.141 anywhere
DROP all -- dns1.salporin.privatedns.com anywhere
DROP all -- dns1.coorr.privatedns.com anywhere
DROP all -- dns2.coorr.privatedns.com anywhere
DROP all -- dns3.salporin.privatedns.com anywhere
DROP all -- dns2.salporin.privatedns.com anywhere
DROP all -- dns3.coorr.privatedns.com anywhere
DROP all -- d170-055.sps.net.sa anywhere
DROP all -- 180.94.31.12 anywhere
DROP all -- 207.46.200.37 anywhere
DROP all -- sab57-2-82-236-240-99.fbx.proxad.net anywhere
DROP all -- crawl-66-249-68-102.googlebot.com anywhere
DROP all -- crawl-66-249-67-243.googlebot.com anywhere
DROP all -- 113.142.10.14 anywhere
DROP all -- 113.142.10.13 anywhere
DROP all -- host-41.234.109.88.tedata.net anywhere
DROP all -- mail.neurolanguage.com anywhere
DROP all -- 79-75-92-239.dynamic.dsl.as9105.com anywhere
DROP all -- ird-asia09-rx-eth.kow.newskies.net anywhere
DROP all -- ivhou-216-40-192-101.theplanet.com anywhere
DROP all -- ivhou-216-40-192-106.theplanet.com anywhere
DROP all -- ivhou-216-40-192-100.theplanet.com anywhere
DROP all -- ivhou-216-40-192-102.theplanet.com anywhere
DROP all -- ivhou-216-40-192-104.theplanet.com anywhere
DROP all -- 125.234.187.78.static.turktelekom.com.tr anywhere
DROP all -- static-208-80-194-127.as13448.com anywhere
DROP all -- 207.46.200.45 anywhere
DROP all -- crawler5041.ask.com anywhere
DROP all -- crawl-66-249-71-132.googlebot.com anywhere
DROP all -- crawl-66-249-71-5.googlebot.com anywhere
DROP all -- 65.55.5.140 anywhere
DROP all -- 62.175.39.185.dyn.user.ono.com anywhere
DROP all -- crawl-66-249-67-227.googlebot.com anywhere
DROP all -- crawl-66-249-68-57.googlebot.com anywhere
DROP all -- crawl-66-249-67-58.googlebot.com anywhere
DROP all -- crawl-66-249-68-75.googlebot.com anywhere
DROP all -- 200.183.159.124 anywhere
DROP all -- 80.174.42.59.dyn.user.ono.com anywhere
DROP all -- 207.46.200.38 anywhere
DROP all -- ip-216-17-239-140.rev.frii.com anywhere
DROP all -- 207.46.200.43 anywhere
DROP all -- 124.74.214.214 anywhere
DROP all -- 69.90.83.92 anywhere
DROP all -- 69.90.83.91 anywhere
DROP all -- 173.241.68.56.adsl.fultontelephone.net anywhere
DROP all -- crawl-66-249-67-207.googlebot.com anywhere
DROP all -- crawl-66-249-68-202.googlebot.com anywhere
DROP all -- 85.108.102.64 anywhere
DROP all -- dsl85-102-36639.ttnet.net.tr anywhere
DROP all -- ip-216-17-239-139.rev.frii.com anywhere
DROP all -- 85.110.86.115 anywhere
DROP all -- 207.46.200.42 anywhere
DROP all -- ner-as19227.alshamil.net.ae anywhere
DROP all -- 207.46.200.36 anywhere
DROP all -- 173-192-238-45.robot.spinn3r.com anywhere
DROP all -- 173-192-238-46.robot.spinn3r.com anywhere
DROP all -- dnsmb1.t-2.net anywhere
DROP all -- dnslj1.t-2.net anywhere
DROP all -- AMarseille-553-1-219-68.w92-153.abo.wanadoo.fr anywhere
DROP all -- ns2.cvzoom.net anywhere
DROP all -- netblock-208-127-145-153.value.net anywhere
DROP all -- dns-8.zoominternet.net anywhere
DROP all -- bayipsdnsc04.bay.msn.net anywhere
DROP all -- NSG-Corporate-147.40.180.122.airtel.in anywhere
DROP all -- user-12-129-142-17.barbourville.com anywhere
Alors on vois qu'il y a google bot, plain de bot DNS des IP d'iran de canada etc.. est ce normal? Pourquoi les bots scannent mes ports? Et pour quoi sur le deuxième serveur je n'ai rien de tout ca?