-
Notifications
You must be signed in to change notification settings - Fork 466
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
natpass 被用于黑客攻击,如何侦测 ? #64
Labels
question
Further information is requested
Comments
natpass创建连接时有一次握手的过程,内容可通过握手报文进行识别,如果未进行tls加密的话可通过这个握手报文进行阻断。 |
另外建议修改或加强common.yaml中的密钥长度提高安全性 |
另外可以通过修改/etc/systemd/system/np-cli.service中的User字段使其运行在一个低身份的用户下,比如nobody |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Decription
目前我们服务器被攻击,发现natpass-cli 启用6145 作为端口,
问题
如何侦测通过natpass 进程服务?
The text was updated successfully, but these errors were encountered: