one day ,when i login to my ubuntu vps. i found my vps server login two session one time by follow command. ss -tnp | grep sshd then ,i realize that my server has been hacked. so , i decide to do somthing to protect my server. the first thing is to configuremy server to use key-based ssh login instead of login with a username and password method. first, i generate the ssh key using the follow command. ssh-keygen -t ed25519 -C "joey@itech.sh" if you use the default settings to answer the previous question. two files will be generated in the following directory. ~/.ssh/id_ed25519 ← (private key) ~/.ssh/id_ed25519.pub ← (public key) and then ,what i need to do is upload he publick key to my server.so i use the following command to accomplish this. ssh-copy-id root@memos.ifish.blog in the above command , root@memos.ifish.blog is the vps server domain and username.after the command complete ,the public key will be uploaded in the vps's root directory once you finish the ablove steps. i can login my vps server now. but if i want to use putty to login to my server. i need to convert the private key to a format that putty can read . this process is simple.so i won't want explain here.
In linux you can capture the network package used by tcpdump sudo install tcpdmp,if you use debian .you can install it with apt install tcpdump 2. capture the newtork package used next command ,the network_interface_name can find by ip command. sudo tcpdump -i netwrok_interface_name -w capture_name.pcap 3. download the capture_name.pcap and opened it with wireshark.
After National Day, two server that install windows server 2016 will shut down every two hours. first,i doubt that the tempurate is too high so the server shut down itself to protect it.so i open the air conditioner. but it is shut down like i don't open the air conditioner. so i check the system log through system event viewer. in the system event viewer.i find the realy reason. the server shutdown because windows 2016 server is evalution version and it is out of date. so it shut down every a period of time. so i need to change it to stand version. the follow step is how to resolve it. open the command line , need administrator privileges. Run the next command DISM /online /Get-CurrentEdition DISM /online /Set-Edition:ServerStandard /ProductKey:WC2BQ-8NRM3-FDDYY-2BFGV-KHKQY /AcceptEula when the command run complete . after restart it .the version will change to stand. then you can active the windows 2016 server too otherwise the evaluation version can not active.
