Bonjour a tous,
Merci d'avance du coup de pouce.
Sur un serveur dédié, On m'a demandé un petite petite aide par rapport au mysql (rien d'important ).
Par contre
Je redemarre le mysql et là par habitude je regarde le log du mysql (/var/log/mysql/error.log).
et voici ce que je trouve (après mon redemarrage)
2023-03-28T18:49:57.004595Z 3 [Note] Access denied for user 'FUJIUSER'@'45.93.201.74' (using password: YES)
2023-03-28T18:49:57.122158Z 2 [Note] Access denied for user 'cw0270003'@'45.93.201.68' (using password: YES)
2023-03-28T18:50:29.926641Z 6 [Note] Access denied for user 'root'@'45.93.201.74' (using password: YES)
2023-03-28T18:50:55.607657Z 7 [Note] Access denied for user 'sa'@'45.93.201.68' (using password: YES)
2023-03-28T18:51:04.152479Z 8 [Note] Access denied for user 'root'@'45.93.201.74' (using password: YES)
2023-03-28T18:51:44.362566Z 9 [Note] Access denied for user 'root'@'45.93.201.74' (using password: YES)
2023-03-28T18:51:46.831639Z 10 [Note] Access denied for user 'cw0270004'@'45.93.201.68' (using password: YES)
2023-03-28T18:52:24.186392Z 11 [Note] Access denied for user 'root'@'45.93.201.74' (using password: YES)
2023-03-28T18:52:33.722964Z 12 [Note] Access denied for user 'sa'@'45.93.201.68' (using password: YES)
2023-03-28T18:52:57.126011Z 13 [Note] Access denied for user 'root'@'45.93.201.74' (using password: YES)
2023-03-28T18:53:33.504307Z 15 [Note] Access denied for user 'zj'@'45.93.201.74' (using password: YES)
2023-03-28T18:53:36.217033Z 14 [Note] Access denied for user 'cw0270005'@'45.93.201.68' (using password: YES)
2023-03-28T18:54:07.037196Z 16 [Note] Access denied for user 'sa'@'45.93.201.68' (using password: YES)
2023-03-28T18:54:18.481591Z 17 [Note] Access denied for user 'pcxt'@'45.93.201.74' (using password: YES)
2023-03-28T18:54:59.154801Z 18 [Note] Access denied for user 'root'@'45.93.201.74' (using password: YES)
2023-03-28T18:55:24.867587Z 19 [Note] Access denied for user 'cw0270006'@'45.93.201.68' (using password: YES)
2023-03-28T18:55:35.318577Z 20 [Note] Access denied for user 'root'@'45.93.201.74' (using password: YES)
2023-03-28T18:55:42.338548Z 21 [Note] Access denied for user 'sa'@'45.93.201.68' (using password: YES)
2023-03-28T18:56:15.405583Z 22 [Note] Access denied for user 'clgsoft'@'45.93.201.74' (using password: YES)
2023-03-28T18:56:36.625192Z 23 [Note] Access denied for user 'sa'@'45.93.201.68' (using password: YES)
2023-03-28T18:56:39.697412Z 24 [Note] Access denied for user 'cw0270007'@'45.93.201.68' (using password: YES)
2023-03-28T18:56:58.221625Z 25 [Note] Access denied for user 'qingshu'@'45.93.201.74' (using password: YES)
2023-03-28T18:56:58.444712Z 26 [Note] Access denied for user 'sa'@'45.93.201.68' (using password: YES)
2023-03-28T18:57:04.438312Z 27 [Note] Access denied for user 'cw0270008'@'45.93.201.68' (using password: YES)
2023-03-28T18:57:12.959032Z 28 [Note] Access denied for user 'sa'@'45.93.201.68' (using password: YES)
2023-03-28T18:57:31.619400Z 29 [Note] Access denied for user 'sa'@'45.93.201.68' (using password: YES)
2023-03-28T18:57:32.041824Z 30 [Note] Access denied for user 'cw0270009'@'45.93.201.68' (using password: YES)
2023-03-28T18:57:34.625634Z 31 [Note] Access denied for user 'xinwei'@'45.93.201.74' (using password: YES)
2023-03-28T18:57:46.637881Z 32 [Note] Access denied for user 'sa'@'45.93.201.68' (using password: YES)
2023-03-28T18:57:56.582309Z 33 [Note] Access denied for user 'cw0270010'@'45.93.201.68' (using password: YES)
2023-03-28T18:58:02.767200Z 34 [Note] Access denied for user 'sa'@'45.93.201.68' (using password: YES)
2023-03-28T18:58:10.486565Z 35 [Note] Access denied for user 'tc_wljiaofei'@'45.93.201.74' (using password: YES)
2023-03-28T18:58:20.529647Z 36 [Note] Access denied for user 'sa'@'45.93.201.68' (using password: YES)
2023-03-28T18:58:20.960710Z 37 [Note] Access denied for user 'cw0270011'@'45.93.201.68' (using password: YES)
2023-03-28T18:58:34.671789Z 38 [Note] Access denied for user 'sa'@'45.93.201.68' (using password: YES)
2023-03-28T18:58:42.275659Z 39 [Note] Access denied for user 'lc0289999'@'45.93.201.68' (using password: YES)
2023-03-28T18:58:51.684171Z 40 [Note] Access denied for user '0401'@'45.93.201.74' (using password: YES)
2023-03-28T18:58:52.492588Z 41 [Note] Access denied for user 'sa'@'45.93.201.68' (using password: YES)
2023-03-28T18:59:06.454531Z 42 [Note] Access denied for user 'sa'@'45.93.201.68' (using password: YES)
2023-03-28T18:59:06.988647Z 43 [Note] Access denied for user 'ad0289999'@'45.93.201.68' (using password: YES)
2023-03-28T18:59:24.375197Z 44 [Note] Access denied for user 'sa'@'45.93.201.68' (using password: YES)
2023-03-28T18:59:31.694736Z 45 [Note] Access denied for user '0402'@'45.93.201.74' (using password: YES)
2023-03-28T18:59:34.021526Z 46 [Note] Access denied for user 'cw0176666'@'45.93.201.68' (using password: YES)
2023-03-28T18:59:37.975322Z 47 [Note] Access denied for user 'sa'@'45.93.201.68' (using password: YES)
2023-03-28T18:59:55.539723Z 48 [Note] Access denied for user 'sa'@'45.93.201.68' (using password: YES)
2023-03-28T18:59:56.590092Z 49 [Note] Access denied for user 'cw0174444'@'45.93.201.68' (using password: YES)
2023-03-28T19:00:06.209348Z 50 [Note] Access denied for user '1800'@'45.93.201.74' (using password: YES)
2023-03-28T19:00:09.426991Z 51 [Note] Access denied for user 'sa'@'45.93.201.68' (using password: YES)
2023-03-28T19:00:20.353332Z 52 [Note] Access denied for user 'cw0170002'@'45.93.201.68' (using password: YES)
2023-03-28T19:00:26.873797Z 53 [Note] Access denied for user 'sa'@'45.93.201.68' (using password: YES)
2023-03-28T19:00:38.371315Z 54 [Note] Access denied for user 'visionweb'@'45.93.201.74' (using password: YES)
2023-03-28T19:00:40.819772Z 55 [Note] Access denied for user 'sa'@'45.93.201.68' (using password: YES)
2023-03-28T19:00:42.306807Z 56 [Note] Access denied for user 'cw0170003'@'45.93.201.68' (using password: YES)
2023-03-28T19:00:58.396899Z 57 [Note] Access denied for user 'sa'@'45.93.201.68' (using password: YES)
2023-03-28T19:01:08.385637Z 58 [Note] Access denied for user 'cw0170004'@'45.93.201.68' (using password: YES)
2023-03-28T19:01:12.094349Z 59 [Note] Access denied for user 'sa'@'45.93.201.68' (using password: YES)
2023-03-28T19:01:16.841929Z 60 [Note] Access denied for user 'root'@'45.93.201.74' (using password: YES)
2023-03-28T19:01:29.290388Z 61 [Note] Access denied for user 'sa'@'45.93.201.68' (using password: YES)
2023-03-28T19:01:32.216865Z 62 [Note] Access denied for user 'cw0170005'@'45.93.201.68' (using password: YES)
2023-03-28T19:01:43.556698Z 63 [Note] Access denied for user 'sa'@'45.93.201.68' (using password: YES)
2023-03-28T19:01:56.799646Z 64 [Note] Access denied for user 'cw0170006'@'45.93.201.68' (using password: YES)
2023-03-28T19:01:59.710469Z 65 [Note] Access denied for user 'era_user'@'45.93.201.74' (using password: YES)
2023-03-28T19:02:01.583735Z 66 [Note] Access denied for user 'sa'@'45.93.201.68' (using password: YES)
2023-03-28T19:02:15.065853Z 67 [Note] Access denied for user 'sa'@'45.93.201.68' (using password: YES)
et ça continue sur des kilomètres.
J'en ai déduit que quelqu'un essaye de taper à intervalle régulier environ 10 à 30s, par une IP commençant par 45.93.201 (cela vient de la russie (recherche internet))
Les questions ?
Pour ce type d'attaque qu'est-ce qui est intelligent de faire?
1/Rien, (de toute façon il ne peut pas entrer le mysql est configuré qu'en localhost)
2/Est-ce qu'il y a qq chose a faire comme déclaration dans le manager OVH?
=>je sais pas vraiment à ce niveau: par exemple une déclaration DDOS?
3/Est-ce qu'il y a qq chose a faire dans le débian ou mysql ou autre ?
Merci de votre aide, pour faire qq chose de propre et surtout d'intelligent.
Cordialement
cous_hub