我已经使用 MSSQL 容器映像创建了一个 Azure 容器实例。它启动了。然而,在登录或使用 URL 之前,我已经检查了容器日志,发现它受到了流量的冲击。由于这是一个 MSSQL DB 服务器,它会收到登录尝试。下面显示了日志中的一个示例。
2020-09-25 10:59:39.66 Logon Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 10.240.255.55]
2020-09-25 10:59:39.69 Logon Error: 18456, Severity: 14, State: 8.
2020-09-25 10:59:39.69 Logon Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 10.240.255.56]
2020-09-25 10:59:39.70 Logon Error: 18456, Severity: 14, State: 8.
2020-09-25 10:59:39.70 Logon Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 10.240.255.56]
2020-09-25 10:59:39.72 Logon Error: 18456, Severity: 14, State: 8.
2020-09-25 10:59:39.72 Logon Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 10.240.255.56]
2020-09-25 10:59:39.74 Logon Error: 18456, Severity: 14, State: 8.
2020-09-25 10:59:39.74 Logon Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 10.240.255.56]
2020-09-25 10:59:39.76 Logon Error: 18456, Severity: 14, State: 8.
2020-09-25 10:59:39.76 Logon Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 10.240.255.56]
2020-09-25 10:59:39.79 Logon Error: 18456, Severity: 14, State: 8.
2020-09-25 10:59:39.79 Logon Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 10.240.255.55]
2020-09-25 10:59:39.83 Logon Error: 18456, Severity: 14, State: 8.
2020-09-25 10:59:39.83 Logon Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 10.240.255.56]
2020-09-25 10:59:39.85 Logon Error: 18456, Severity: 14, State: 8.
2020-09-25 10:59:39.85 Logon Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 10.240.255.55]
2020-09-25 10:59:39.87 Logon Error: 18456, Severity: 14, State: 8.
我还用随机文本和数字创建了 DNS 名称。但是我仍然收到请求。根据上面的日志,用户名始终为“sa”,但是我看到还有一些其他猜测。
恶意用户/机器人如何找到新创建的实例?一切都进入注册表了吗?有没有办法避免这些不必要的请求?