記一次mysql5.7測試數(shù)據(jù)庫被刪表的問題
問題描述
為了方便臨時(shí)測試,就用docker啟動(dòng)了一個(gè)mysql容器,插入了一些測試數(shù)據(jù),用完之后端口(3306)忘了沒有關(guān)掉,被攻擊刪表(省的我自己刪了,哈哈),雖然是無用的數(shù)據(jù),多少是個(gè)教訓(xùn)。
詳情如下
多了一個(gè)README_ADK庫,庫下一張README表,被刪的庫下表都被刪,多了一張README表
內(nèi)容如下
mysql> select * from README\G;
*************************** 1. row ***************************
id: 1
readme: 以下數(shù)據(jù)庫已被刪除:blog, demo, school。 我們有完整的備份。 要恢復(fù)它,您必須向我們的比特幣地址bc1qvrgtzc06w2rjdfx8p9u789edw56dj8ffqvrcr5支付0.0075比特幣(BTC)。 如果您需要證明,請通過以下電子郵件與我們聯(lián)系。 shao58@tutanota.com 。 任何與付款無關(guān)的郵件都將被忽略!
BTC_address: bc1qvrgtzc06w2rjdfx8p9u789edw56dj8ffqvrcr5
email: shao58@tutanota.com
分析
從日志里分析,就是反復(fù)拿IP去嘗試:
2022-03-26T10:42:59.853033Z 515 [Warning] IP address '185.156.72.10' could not be resolved: Temporary failure in name resolution
2022-03-26T10:42:59.853301Z 515 [Note] Got packets out of order
2022-03-27T14:36:19.573519Z 519 [Warning] IP address '62.33.81.189' could not be resolved: Name or service not known
2022-03-27T14:36:23.135623Z 520 [Note] Aborted connection 520 to db: 'unconnected' user: 'root' host: '62.33.81.189' (Got an error reading communication packets)
2022-03-28T00:10:18.235145Z 521 [Warning] IP address '45.83.65.52' could not be resolved: Name or service not known
2022-03-28T00:10:19.050346Z 521 [Note] Got an error reading communication packets
2022-03-29T22:31:59.206892Z 526 [Warning] IP address '220.121.127.64' could not be resolved: Name or service not known
2022-03-29T22:31:59.207240Z 526 [Note] Got an error reading communication packets
2022-03-29T22:31:59.354422Z 527 [Warning] IP address '220.121.127.64' could not be resolved: Name or service not known
185.156.72.10 62.33.81.189 45.83.65.52 220.121.127.64
最后使用220.121.127.64嘗試密碼,賬號無非也就這幾個(gè):root、admin、dbuser
2022-03-29T22:31:59.407115Z 527 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:31:59.567125Z 528 [Note] Access denied for user 'admin'@'220.121.127.64' (using password: YES) 2022-03-29T22:31:59.723754Z 529 [Note] Access denied for user 'admin'@'220.121.127.64' (using password: YES) 2022-03-29T22:31:59.880975Z 530 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:00.039118Z 531 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:00.193880Z 532 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:00.349970Z 533 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:00.500841Z 534 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:00.656205Z 535 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:00.811764Z 536 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:00.969093Z 537 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:01.133076Z 538 [Note] Access denied for user 'admin'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:01.288671Z 539 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:01.442683Z 540 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:01.601783Z 541 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:01.761714Z 542 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:01.917840Z 543 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:02.075536Z 544 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:02.232366Z 545 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:02.385997Z 546 [Note] Access denied for user 'admin'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:02.540069Z 547 [Note] Access denied for user 'admin'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:02.693008Z 548 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:02.850661Z 549 [Note] Access denied for user 'admin'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:03.008801Z 550 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:03.170984Z 551 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:03.334929Z 552 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:03.492659Z 553 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:03.651087Z 554 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:03.808426Z 555 [Note] Access denied for user 'admin'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:03.963486Z 556 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:04.124605Z 557 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:04.283725Z 558 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:04.440768Z 559 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:04.596011Z 560 [Note] Access denied for user 'admin'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:04.754289Z 561 [Note] Access denied for user 'root'@'220.121.127.64' (using password: NO) 2022-03-29T22:32:04.907366Z 562 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:05.060965Z 563 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:05.215070Z 564 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:05.371235Z 565 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:05.528679Z 566 [Note] Access denied for user 'dbuser'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:05.681098Z 567 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:05.838812Z 568 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:05.997501Z 569 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:06.153071Z 570 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:06.311484Z 571 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:06.468059Z 572 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:06.624770Z 573 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:06.781596Z 574 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:06.937078Z 575 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:07.094248Z 576 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:07.246081Z 577 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:07.403646Z 578 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:07.558726Z 579 [Note] Access denied for user 'admin'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:07.717434Z 580 [Note] Access denied for user 'admin'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:07.879938Z 581 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:08.040560Z 582 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:08.196426Z 583 [Note] Access denied for user 'admin'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:08.351225Z 584 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:08.509896Z 585 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:08.671657Z 586 [Note] Access denied for user 'admin'@'220.121.127.64' (using password: NO) 2022-03-29T22:32:08.834790Z 587 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:08.991720Z 588 [Note] Access denied for user 'admin'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:09.150627Z 589 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:09.311116Z 590 [Note] Access denied for user 'admin'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:09.465177Z 591 [Note] Access denied for user 'admin'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:09.620654Z 592 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:09.772162Z 593 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:09.927748Z 594 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:10.082127Z 595 [Note] Access denied for user 'admin'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:10.235722Z 596 [Note] Access denied for user 'root'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:10.389369Z 597 [Note] Access denied for user 'admin'@'220.121.127.64' (using password: YES) 2022-03-29T22:32:10.546182Z 598 [Note] Access denied for user 'admin'@'220.121.127.64' (using password: YES)
總結(jié)
數(shù)據(jù)庫可以避免%用戶,若需要%用戶,可避免這幾個(gè)用戶名,密碼盡量復(fù)雜(https://suijimimashengcheng.bmcx.com隨機(jī)密碼,避免密碼:root,admin,123此類的易出現(xiàn)的密碼)。
端口可以加指定白名單訪問,常用的端口可以用別的端口替代,如22端口用8822,3306用13306代替等。
以上為個(gè)人經(jīng)驗(yàn),希望能給大家一個(gè)參考,也希望大家多多支持腳本之家。
相關(guān)文章
Linux(Ubuntu)下Mysql5.6.28安裝配置方法圖文教程
這篇文章主要為大家詳細(xì)介紹了Linux(Ubuntu)下Mysql5.6.28安裝配置方法圖文教程,具有一定的參考價(jià)值,感興趣的小伙伴們可以參考一下2017-01-01庫名表名大小寫問題與sqlserver兼容的啟動(dòng)配置方法
庫名表名大小寫問題與sqlserver兼容的啟動(dòng)配置方法,需要的朋友可以參考下。2010-12-12mysql regexp匹配多個(gè)字符串實(shí)現(xiàn)
本文主要介紹了mysql regexp匹配多個(gè)字符串實(shí)現(xiàn),可以利用REGEXP正則表達(dá)式匹配多個(gè)字符串,從而實(shí)現(xiàn)高效查詢,具有一定的參考價(jià)值,感興趣的可以了解一下2024-09-09MySQL中的binlog相關(guān)命令和恢復(fù)技巧
這篇文章主要介紹了MySQL中的binlog相關(guān)命令和恢復(fù)技巧,需要的朋友可以參考下2014-05-05mysql優(yōu)化之query_cache_limit參數(shù)說明
query_cache_limit指定單個(gè)查詢能夠使用的緩沖區(qū)大小,缺省為1M,一般不需要優(yōu)化2021-07-07Sql Server數(shù)據(jù)庫遠(yuǎn)程連接訪問設(shè)置詳情
這篇文章主要介紹了Sql Server數(shù)據(jù)庫遠(yuǎn)程連接訪問設(shè)置詳情,文章圍繞主題展開詳細(xì)的內(nèi)容戒殺,具有一定的參考價(jià)值,需要的小伙伴可以參考一下2022-09-09SQL?ALTER?TABLE語句靈活修改表結(jié)構(gòu)和數(shù)據(jù)類型
這篇文章主要介紹了SQL?ALTER?TABLE語句靈活修改表結(jié)構(gòu)和數(shù)據(jù)類型,有需要的朋友可以借鑒參考下,希望能夠有所幫助,祝大家多多進(jìn)步,早日升職加薪2023-12-12