| 节点 | 状态 | SSH 生效配置 | fail2ban | 日志占用 | 备份目录 |
|---|---|---|---|---|---|
| JP 64.118.144.182 | 已加固 | maxauthtries 3;permitrootlogin without-password;passwordauthentication no;kbdinteractiveauthentication no; | active | Archived and active journals take up 37.8M in the file system. | /root/backups/hermes_security_20260523T115919Z |
| KR 131.186.27.212 | 已加固 | maxauthtries 3;permitrootlogin without-password;passwordauthentication no;kbdinteractiveauthentication no; | active | Archived and active journals take up 249.2M in the file system. | /root/backups/hermes_security_20260523T115919Z |
| USB 161.153.95.69 | 已加固 | maxauthtries 3;permitrootlogin without-password;passwordauthentication no;kbdinteractiveauthentication no; | active | Archived and active journals take up 56.7M in the file system. | /root/backups/hermes_security_20260523T115919Z |
| DE 47.254.140.158 | 已加固 | maxauthtries 3;permitrootlogin without-password;passwordauthentication no;kbdinteractiveauthentication no; | active | Archived and active journals take up 252.4M in the file system. | /root/backups/hermes_security_20260523T115919Z |
| HK 82.158.88.91 | 已加固 | maxauthtries 3;permitrootlogin without-password;passwordauthentication no;kbdinteractiveauthentication no; | active | Archived and active journals take up 217.5M in the file system. | /root/backups/hermes_security_20260523T115919Z |
| TK 103.232.213.10 | 已加固 | maxauthtries 3;permitrootlogin without-password;passwordauthentication no;kbdinteractiveauthentication no; | active | Archived and active journals take up 64.0M in the file system. | /root/backups/hermes_security_20260523T115919Z |
| AR 129.146.59.53 | 已加固 | maxauthtries 3;permitrootlogin without-password;passwordauthentication no;kbdinteractiveauthentication no; | active | Archived and active journals take up 149.7M in the file system. | /root/backups/hermes_security_20260523T115919Z |
| KRB 161.118.130.5 | 已加固 | maxauthtries 3;permitrootlogin without-password;passwordauthentication no;kbdinteractiveauthentication no; | active | Archived and active journals take up 248.4M in the file system. | /root/backups/hermes_security_20260523T115919Z |
| US 186.244.244.52 | 已加固 | maxauthtries 3;permitrootlogin without-password;passwordauthentication no;kbdinteractiveauthentication no; | active | Archived and active journals take up 248.2M in the file system. | /root/backups/hermes_security_20260523T115919Z |
| HKA 38.76.188.244 | 已加固 | maxauthtries 3;permitrootlogin without-password;passwordauthentication no;kbdinteractiveauthentication no; | active | Archived and active journals take up 41.0M in the file system. | /root/backups/hermes_security_20260523T115919Z |
| HKY 185.155.235.171 | 已加固 | maxauthtries 3;permitrootlogin without-password;passwordauthentication no;kbdinteractiveauthentication no; | active | Archived and active journals take up 40.0M in the file system. | /root/backups/hermes_security_20260523T115919Z |
Aegis 是云厂商安全代理。用户确认不再需要后,已先备份状态,再停止服务并清理 failed 状态。
/root/backups/hermes_aegis_disable_20260523T115919Zinactiveenabled空BACKUP_DIR=/root/backups/hermes_aegis_followup_20260523T120100Z ACTIVE=inactive ENABLED=enabled FAILED= MOVE_ERR=mv: cannot move '/etc/systemd/system/multi-user.target.wants/aegis.service' to '/root/backups/hermes_aegis_followup_20260523T120100Z/aegis.service.disabled-link': Operation not permitted;
| 端口 | 进程 | 判断 |
|---|---|---|
| 443 | nginx | Nginx HTTPS,aa.loveason.com / panel.aa.loveason.com |
| 8317 | docker-proxy | Docker clirelay-server / cli-proxy-api 面板/API,返回 X-Cpa-* 版本头 |
| 80 | nginx | Nginx HTTP,当前跳转到 https://aa.loveason.com/ |
| 22 | sshd | SSH 远程登录,已限制为密钥登录、最多 3 次尝试 |
| 888 | nginx | Nginx phpmyadmin 监听,当前本机返回 404,建议确认是否仍需公网开放 |
| 1455 | docker-proxy | Docker clirelay-server / cli-proxy-api 映射端口,HTTP 探测连接被重置,像是非普通网页协议或需要特定请求 |
| 8085 | docker-proxy | Docker clirelay-server / cli-proxy-api 映射端口,HTTP 探测连接被重置,像是非普通网页协议或需要特定请求 |
| 2058 | sysmond-bin | sys-monitor 容器内进程 sysmond-bin 监听,未做关闭 |
本轮只核查和标注用途,没有关闭 US Docker、Nginx 或业务端口。
888 不再需要公网访问,建议下一轮单独收敛到本机或关闭该 listen。/usr/local/aegis,除非你明确授权“删除厂商安全代理目录”。