安裝了 psa-proftpd 的未經授權的 FTP 會話；Plesk Centos 5 伺服器

我已經解除安裝了所有的 ftp 程序，除了一個 plesk 正在執行 psa-proftpd。使用 yum（Centos 5 伺服器）刪除時，它似乎解除安裝了很多 plesk 軟體包。也許我反應過度了，所以我在這裡就這些日誌顯示的內容髮表意見。這是讓我擔心的系統消息日誌：

Jan 12 05:08:27 server1 xinetd[10239]: START: smtp pid=28459 from=180.246.57.51
Jan 12 05:08:31 server1 xinetd[10239]: EXIT: smtp status=0 pid=28459 duration=4(sec)
Jan 12 05:48:49 server1 xinetd[10239]: START: smtp pid=12157 from=67.212.234.107
Jan 12 05:48:53 server1 xinetd[10239]: EXIT: smtp status=0 pid=12157 duration=4(sec)
Jan 12 07:26:24 server1 xinetd[10239]: START: smtp pid=18076 from=127.0.0.1
Jan 12 07:26:24 server1 xinetd[10239]: EXIT: smtp status=0 pid=18076 duration=0(sec)
Jan 12 07:54:20 server1 xinetd[10239]: START: smtp pid=3805 from=209.85.214.196
Jan 12 07:54:22 server1 xinetd[10239]: START: smtp pid=3822 from=127.0.0.1
Jan 12 07:54:22 server1 xinetd[10239]: EXIT: smtp status=0 pid=3822 duration=0(sec)
Jan 12 07:54:51 server1 xinetd[10239]: EXIT: smtp status=0 pid=3805 duration=31(sec)
Jan 12 16:17:31 server1 xinetd[10239]: START: ftp pid=24476 from=122.195.23.132
Jan 12 16:17:31 server1 proftpd[24476]: 207.55.244.72 (122.195.23.132[122.195.23.132]) - FTP session opened.
Jan 12 16:17:32 server1 proftpd[24476]: 207.55.244.72 (122.195.23.132[122.195.23.132]) - Preparing to chroot to directory '/var/www/vhosts/centerondisability.org/web_users/test'
Jan 12 16:17:35 server1 xinetd[10239]: EXIT: ftp status=0 pid=24476 duration=4(sec)
Jan 12 21:37:42 server1 xinetd[10239]: START: smtp pid=27839 from=200.86.88.101
Jan 12 21:37:46 server1 xinetd[10239]: EXIT: smtp status=1 pid=27839 duration=4(sec)
Jan 13 00:06:29 server1 xinetd[10239]: START: smtp pid=21939 from=182.177.193.108
Jan 13 00:06:33 server1 xinetd[10239]: EXIT: smtp status=1 pid=21939 duration=4(sec)
Jan 13 04:53:48 server1 statistics: Unable to get dir size of /var/lib/mysql/test
Jan 13 04:53:48 server1 statistics: Unable to get database status for "test": Unknown database 'test'
Jan 13 13:38:41 server1 xinetd[10239]: START: smtp pid=21828 from=190.11.80.187
Jan 13 13:38:49 server1 xinetd[10239]: EXIT: smtp status=0 pid=21828 duration=8(sec)
Jan 13 15:47:04 server1 xinetd[10239]: START: smtp pid=16102 from=72.18.226.236
Jan 13 15:47:07 server1 xinetd[10239]: EXIT: smtp status=0 pid=16102 duration=3(sec)
Jan 13 15:47:44 server1 xinetd[10239]: START: ftp pid=18085 from=67.205.103.181
Jan 13 15:47:44 server1 proftpd[18085]: 207.55.244.72 (67.205.103.181[67.205.103.181]) - FTP session opened.
Jan 13 15:47:44 server1 proftpd[18085]: 207.55.244.72 (67.205.103.181[67.205.103.181]) - FTP session closed.
Jan 13 15:47:44 server1 xinetd[10239]: EXIT: ftp status=0 pid=18085 duration=0(sec)
Jan 13 15:47:44 server1 xinetd[10239]: START: ftp pid=18093 from=67.205.103.181
Jan 13 15:47:44 server1 proftpd[18093]: 207.55.244.72 (67.205.103.181[67.205.103.181]) - FTP session opened.
Jan 13 15:47:44 server1 proftpd[18093]: 207.55.244.72 (67.205.103.181[67.205.103.181]) - FTP session closed.
Jan 13 15:47:44 server1 xinetd[10239]: EXIT: ftp status=0 pid=18093 duration=0(sec)
Jan 13 17:55:59 server1 xinetd[10239]: START: smtp pid=21697 from=127.0.0.1
Jan 13 17:55:59 server1 xinetd[10239]: EXIT: smtp status=0 pid=21697 duration=0(sec)
Jan 13 19:58:20 server1 xinetd[10239]: START: smtp pid=9543 from=127.0.0.1
Jan 13 19:58:20 server1 xinetd[10239]: EXIT: smtp status=0 pid=9543 duration=0(sec)
Jan 14 04:53:55 server1 statistics: Unable to get dir size of /var/lib/mysql/test
Jan 14 04:53:55 server1 statistics: Unable to get database status for "test": Unknown database 'test'
Jan 14 05:08:29 server1 xinetd[10239]: START: ftp pid=3482 from=208.98.22.226
Jan 14 05:08:29 server1 proftpd[3482]: 207.55.244.72 (208.98.22.226[208.98.22.226]) - FTP session opened.
Jan 14 05:08:30 server1 xinetd[10239]: EXIT: ftp status=0 pid=3482 duration=1(sec)
Jan 14 05:08:30 server1 xinetd[10239]: START: ftp pid=3486 from=208.98.22.226
Jan 14 05:08:30 server1 proftpd[3486]: 207.55.244.72 (208.98.22.226[208.98.22.226]) - FTP session opened.
Jan 14 05:08:30 server1 xinetd[10239]: EXIT: ftp status=0 pid=3486 duration=0(sec)
Jan 14 05:08:30 server1 xinetd[10239]: START: ftp pid=3488 from=208.98.22.226

我們不使用 FTP 做任何事情。只有ssh。我該怎麼辦？我是否冒著破壞 Plesk 的風險以及訪問它的非技術使用者只是 SOL（我的理想），還是有其他方法可以阻止這些訪問嘗試？

最簡單的方法就是在您的伺服器上編輯防火牆規則/etc/sysconfig/iptables並關閉對外部 IP 的埠 20 和 21 的訪問，這不會破壞 plesk 並且您將不再看到那些討厭的嘗試。

引用自：https://serverfault.com/questions/224332