Azure 容器实例在创建后立即接收大量流量

tag-icon tag-icon sql-server ddos brute-force-attacks azure-container-service
Azure 容器实例在创建后立即接收大量流量

我已经使用 MSSQL 容器映像创建了一个 Azure 容器实例。它启动了。然而,在登录或使用 URL 之前,我已经检查了容器日志,发现它受到了流量的冲击。由于这是一个 MSSQL DB 服务器,它会收到登录尝试。下面显示了日志中的一个示例。

2020-09-25 10:59:39.66 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 10.240.255.55]
2020-09-25 10:59:39.69 Logon       Error: 18456, Severity: 14, State: 8.
2020-09-25 10:59:39.69 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 10.240.255.56]
2020-09-25 10:59:39.70 Logon       Error: 18456, Severity: 14, State: 8.
2020-09-25 10:59:39.70 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 10.240.255.56]
2020-09-25 10:59:39.72 Logon       Error: 18456, Severity: 14, State: 8.
2020-09-25 10:59:39.72 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 10.240.255.56]
2020-09-25 10:59:39.74 Logon       Error: 18456, Severity: 14, State: 8.
2020-09-25 10:59:39.74 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 10.240.255.56]
2020-09-25 10:59:39.76 Logon       Error: 18456, Severity: 14, State: 8.
2020-09-25 10:59:39.76 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 10.240.255.56]
2020-09-25 10:59:39.79 Logon       Error: 18456, Severity: 14, State: 8.
2020-09-25 10:59:39.79 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 10.240.255.55]
2020-09-25 10:59:39.83 Logon       Error: 18456, Severity: 14, State: 8.
2020-09-25 10:59:39.83 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 10.240.255.56]
2020-09-25 10:59:39.85 Logon       Error: 18456, Severity: 14, State: 8.
2020-09-25 10:59:39.85 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 10.240.255.55]
2020-09-25 10:59:39.87 Logon       Error: 18456, Severity: 14, State: 8.

我还用随机文本和数字创建了 DNS 名称。但是我仍然收到请求。根据上面的日志,用户名始终为“sa”,但是我看到还有一些其他猜测。

恶意用户/机器人如何找到新创建的实例?一切都进入注册表了吗?有没有办法避免这些不必要的请求?

相关内容