Since it was only for testing, I didn't set a password. When I checked this morning, all the databases had been deleted.
{
"_id" : ObjectId("58743f490c474c53fc948a96"),
"Info" : "Your DB is Backed up at our servers, to restore send 0.1 BTC to the Bitcoin Address then send an email with your server ip",
"Bitcoin Address" : "1J5ADzFv1gx3fsUPUY1AWktuJ6DF9P6hiF",
"Email" : "[email protected]"
}
1
cnnblike 2017-01-10 09:17:39 +08:00
|
2
MrSong0607 OP
```
2017-01-09T23:47:41.105+0800 I NETWORK [conn336] end connection 223.93.176.137:45793 (10 connections now open)
2017-01-10T07:56:22.767+0800 I NETWORK [initandlisten] connection accepted from 46.166.173.106:58901 #338 (9 connections now open)
2017-01-10T07:56:25.204+0800 I NETWORK [initandlisten] connection accepted from 46.166.173.106:59922 #339 (10 connections now open)
2017-01-10T07:56:26.868+0800 I COMMAND [conn339] dropDatabase admin starting
2017-01-10T07:56:26.984+0800 I COMMAND [conn339] dropDatabase admin finished
2017-01-10T07:56:26.984+0800 I COMMAND [conn339] command admin command: dropDatabase { dropDatabase: 1 } keyUpdates:0 writeConflicts:0 numYields:0 reslen:56 locks:{ Global: { acquireCount: { r: 2, w: 1, W: 1 } }, Database: { acquireCount: { W: 1 } } } protocol:op_query 117ms
2017-01-10T07:56:27.423+0800 I COMMAND [conn339] dropDatabase cn_com_seo_facebook starting
2017-01-10T07:56:29.493+0800 I COMMAND [conn339] dropDatabase cn_com_seo_facebook finished
2017-01-10T07:56:29.493+0800 I COMMAND [conn339] command cn_com_seo_facebook command: dropDatabase { dropDatabase: 1 } keyUpdates:0 writeConflicts:0 numYields:0 reslen:70 locks:{ Global: { acquireCount: { r: 2, w: 1, W: 1 } }, Database: { acquireCount: { W: 1 } } } protocol:op_query 2070ms
2017-01-10T07:56:29.920+0800 I COMMAND [conn339] dropDatabase cn_com_seo_mis_auth starting
2017-01-10T07:56:30.324+0800 I COMMAND [conn339] dropDatabase cn_com_seo_mis_auth finished
2017-01-10T07:56:30.324+0800 I COMMAND [conn339] command cn_com_seo_mis_auth command: dropDatabase { dropDatabase: 1 } keyUpdates:0 writeConflicts:0 numYields:0 reslen:70 locks:{ Global: { acquireCount: { r: 2, w: 1, W: 1 } }, Database: { acquireCount: { W: 1 } } } protocol:op_query 404ms
2017-01-10T07:56:30.736+0800 I COMMAND [conn339] dropDatabase local starting
2017-01-10T07:56:30.802+0800 I COMMAND [conn339] dropDatabase local finished
2017-01-10T08:07:22.807+0800 I NETWORK [conn339] end connection 46.166.173.106:59922 (9 connections now open)
2017-01-10T08:54:41.773+0800 I NETWORK [conn338] end connection 46.166.173.106:58901 (8 connections now open)
```
|
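A defender's check for the pattern visible in the log above, as an added example that is not part of the original thread: it maps each connection id to its remote IP and flags any connection that issues several `dropDatabase` commands. The function name, the threshold and the regexes are assumptions based on the text log format shown in the post; the sample lines are copied from that log.

```python
import re
from collections import defaultdict

# Lines copied (trimmed) from the mongod log quoted in the post above.
SAMPLE_LOG = """\
2017-01-09T23:47:41.105+0800 I NETWORK [conn336] end connection 223.93.176.137:45793 (10 connections now open)
2017-01-10T07:56:22.767+0800 I NETWORK [initandlisten] connection accepted from 46.166.173.106:58901 #338 (9 connections now open)
2017-01-10T07:56:25.204+0800 I NETWORK [initandlisten] connection accepted from 46.166.173.106:59922 #339 (10 connections now open)
2017-01-10T07:56:26.868+0800 I COMMAND [conn339] dropDatabase admin starting
2017-01-10T07:56:27.423+0800 I COMMAND [conn339] dropDatabase cn_com_seo_facebook starting
2017-01-10T07:56:29.920+0800 I COMMAND [conn339] dropDatabase cn_com_seo_mis_auth starting
2017-01-10T07:56:30.736+0800 I COMMAND [conn339] dropDatabase local starting
2017-01-10T08:07:22.807+0800 I NETWORK [conn339] end connection 46.166.173.106:59922 (9 connections now open)
"""

# Assumed patterns for the text log format shown in the post.
ACCEPT = re.compile(r"^(\S+) I NETWORK\s+\[\w+\] connection accepted from ([\d.]+):\d+ #(\d+)")
DROP = re.compile(r"^(\S+) I COMMAND\s+\[conn(\d+)\] dropDatabase (\S+) starting")


def find_mass_drops(log_text, threshold=2):
    """Return one finding per connection that dropped >= threshold databases."""
    conn_ip = {}               # connection id -> remote IP
    drops = defaultdict(list)  # connection id -> [(timestamp, database), ...]
    for line in log_text.splitlines():
        m = ACCEPT.match(line)
        if m:
            conn_ip[m.group(3)] = m.group(2)
            continue
        m = DROP.match(line)
        if m:
            drops[m.group(2)].append((m.group(1), m.group(3)))
    findings = []
    for conn, events in drops.items():
        if len(events) >= threshold:
            findings.append({
                "conn": conn,
                # The accept line may have rotated out of the log file.
                "ip": conn_ip.get(conn, "unknown"),
                "first": events[0][0],
                "last": events[-1][0],
                "databases": [db for _, db in events],
            })
    return findings


if __name__ == "__main__":
    for f in find_mass_drops(SAMPLE_LOG):
        print(f"conn{f['conn']} from {f['ip']}: dropped {f['databases']} "
              f"between {f['first']} and {f['last']}")
```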
3
davidyin 2017-01-10 09:55:34 +08:00
Shouldn't the password be set at install time?
|
4
jizhidebocai 2017-01-10 09:55:47 +08:00
mongo has a vulnerability; you need to restrict it with bind_ip
|
5
xiaoz 2017-01-10 10:11:45 +08:00
You didn't close remote access to 27017, did you?
|
6
sudo123 2017-01-10 10:38:25 +08:00
|
7
gouchaoer 2017-01-10 10:42:08 +08:00
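It's hard for the hacker to make backups on his own servers, so I'd guess not many people pay up with this approach… Actually he could change strategy: encrypt some records of the current database with 2 keys and leave contact details; once you get in touch you receive one key to decrypt part of the data, and to get the other key you have to pay (runs away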
|
9
tinyproxy 2017-01-10 12:58:15 +08:00
|
10
davidyin 2017-01-10 13:56:24 +08:00
@lyndonneu18 Isn't setting a password basic competence? Does it really have to be forced before you set one?
|
11
soli 2017-01-10 13:58:51 +08:00
By the way, on Alibaba Cloud, even if you bind 192.168.x.x, it can still be reached from the public internet.
|
12
langmoe 2017-01-10 14:09:20 +08:00
This is exactly when the importance of iptables shows..
|
13
murmur 2017-01-10 14:13:15 +08:00
How does the saying go: today you support Bitcoin, and tomorrow part of the funding for hacking your server comes from you (laughs)
|
16
mingyun 2017-01-10 23:18:55 +08:00
This already blew up a few days ago
|
17
suyuanhxx 2017-01-10 23:48:42 +08:00 via iPhone
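My Alibaba Cloud test machine gets its databases wiped every day. It's only for learning anyway, so I don't bother when it gets deleted 🌚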
|
18
suyuanhxx 2017-01-11 14:03:15 +08:00
I took a careful look today: same as the OP, I was hacked by this same person
|