测试方法:
1.将mongodb开放外网端口,放置24小时以上;
2.查看24小时内的访问日志;
可以看到的异常的连接和来自几个地方:
2020-07-31T04:40:05.983+0800 I NETWORK [thread1] connection accepted from 80.82.70.225:54864 #50 (30 connections now open) 荷兰阿姆斯特丹
2020-07-31T05:41:55.560+0800 I NETWORK [thread1] connection accepted from 47.92.116.44:53517 #53 (30 connections now open) 北京市北京市 阿里云
2020-07-31T06:10:14.770+0800 I NETWORK [thread1] connection accepted from 120.78.231.236:50072 #54 (30 connections now open) 广东省深圳市 阿里云
2020-07-31T08:05:26.507+0800 I NETWORK [thread1] connection accepted from 185.134.22.78:54266 #55 (30 connections now open) 德国
2020-07-31T08:20:10.646+0800 I NETWORK [thread1] connection accepted from 106.15.76.85:49624 #62 (37 connections now open) 上海市上海市 阿里云
2020-07-31T09:43:58.730+0800 I NETWORK [thread1] connection accepted from 149.248.11.206:49252 #65 (30 connections now open) 美国加利福尼亚洛杉矶
这说明,要么这些服务器是攻击者,要么这些服务器是代理,要么这些服务器是肉鸡。
转载请注明来源:https://www.cnblogs.com/bugutian/
