这是一个创建于 3199 天前的主题,其中的信息可能已经有所发展或是发生改变。
因为是做测试用的,所以就没做密码,结果今天早上一看,库全被删了
{ "_id" : ObjectId("58743f490c474c53fc948a96"), "Info" : "Your DB is Backed up at our servers, to restore send 0.1 BTC to the Bitcoin Address then send an email with your server ip", "Bitcoin Address" : "1J5ADzFv1gx3fsUPUY1AWktuJ6DF9P6hiF", "Email" : "[email protected]" }  | 1 cnnblike 2017-01-10 09:17:39 +08:00 |
 | 2 MrSong0607 OP ``` 2017-01-09T23:47:41.105+0800 I NETWORK [conn336] end connection 223.93.176.137:45793 (10 connections now open) 2017-01-10T07:56:22.767+0800 I NETWORK [initandlisten] connection accepted from 46.166.173.106:58901 #338 (9 connections now open) 2017-01-10T07:56:25.204+0800 I NETWORK [initandlisten] connection accepted from 46.166.173.106:59922 #339 (10 connections now open) 2017-01-10T07:56:26.868+0800 I COMMAND [conn339] dropDatabase admin starting 2017-01-10T07:56:26.984+0800 I COMMAND [conn339] dropDatabase admin finished 2017-01-10T07:56:26.984+0800 I COMMAND [conn339] command admin command: dropDatabase { dropDatabase: 1 } keyUpdates:0 writeConflicts:0 numYields:0 reslen:56 locks:{ Global: { acquireCount: { r: 2, w: 1, W: 1 } }, Database: { acquireCount: { W: 1 } } } protocol:op_query 117ms 2017-01-10T07:56:27.423+0800 I COMMAND [conn339] dropDatabase cn_com_seo_facebook starting 2017-01-10T07:56:29.493+0800 I COMMAND [conn339] dropDatabase cn_com_seo_facebook finished 2017-01-10T07:56:29.493+0800 I COMMAND [conn339] command cn_com_seo_facebook command: dropDatabase { dropDatabase: 1 } keyUpdates:0 writeConflicts:0 numYields:0 reslen:70 locks:{ Global: { acquireCount: { r: 2, w: 1, W: 1 } }, Database: { acquireCount: { W: 1 } } } protocol:op_query 2070ms 2017-01-10T07:56:29.920+0800 I COMMAND [conn339] dropDatabase cn_com_seo_mis_auth starting 2017-01-10T07:56:30.324+0800 I COMMAND [conn339] dropDatabase cn_com_seo_mis_auth finished 2017-01-10T07:56:30.324+0800 I COMMAND [conn339] command cn_com_seo_mis_auth command: dropDatabase { dropDatabase: 1 } keyUpdates:0 writeConflicts:0 numYields:0 reslen:70 locks:{ Global: { acquireCount: { r: 2, w: 1, W: 1 } }, Database: { acquireCount: { W: 1 } } } protocol:op_query 404ms 2017-01-10T07:56:30.736+0800 I COMMAND [conn339] dropDatabase local starting 2017-01-10T07:56:30.802+0800 I COMMAND [conn339] dropDatabase local finished 2017-01-10T08:07:22.807+0800 I NETWORK [conn339] end connection 46.166.173.106:59922 (9 connections now open) 2017-01-10T08:54:41.773+0800 I NETWORK [conn338] end connection 46.166.173.106:58901 (8 connections now open) ``` |
 | 3 davidyin 2017-01-10 09:55:34 +08:00 密码不是应该在安装的时候就设置好的吗。 |
 | 4 jizhidebocai 2017-01-10 09:55:47 +08:00 mongo 有一个漏洞,需要用 bind_ip 做一下限制 |
 | 5 xiaoz 2017-01-10 10:11:45 +08:00 没有关闭 27017 的远程访问吧? |
 | 6 sudo123 2017-01-10 10:38:25 +08:00 |
 | 7 gouchaoer 2017-01-10 10:42:08 +08:00 hacker 很难再自己服务器上做备份,他这种方式估计打钱的人不多……其实他可以改变一下策略,把当前数据库的一些记录用 2 个密钥加密,留下接触方式,你接触到了可以获得一个密钥解密部分数据,要获得另一个密钥请打钱(逃 |
 | 9 tinyproxy 2017-01-10 12:58:15 +08:00 |
| 10 davidyin 2017-01-10 13:56:24 +08:00 @lyndonneu18 设置密码不是一个基本素养吗?还需要被强制才去设置. |
 | 11 soli 2017-01-10 13:58:51 +08:00 顺便提一句,在阿里云上 bind 192.168.x.x ,还是能在外网被访问到的。 |
 | 12 langmoe 2017-01-10 14:09:20 +08:00 iptables 的重要性这时候就体现出来了。。 |
 | 13 murmur 2017-01-10 14:13:15 +08:00 这句话怎么讲,今天你支持比特币,明天黑你服务器的经费里就有你出的一部分(笑) |
 | 16 mingyun 2017-01-10 23:18:55 +08:00 前几天就爆了 |
 | 17 suyuanhxx 2017-01-10 23:48:42 +08:00 via iPhone 我阿里云的测试机每天都被清库,反正也只是用来学习的,被删了也不管 |
| 18 suyuanhxx 2017-01-11 14:03:15 +08:00 我今天仔细看了下,和楼主一样,都是被这个人黑的 |
Select Language