我被黑客入侵了吗???以及如何摆脱困境?

时间:2018-08-28 13:26:42

标签: mysql security ubuntu ubuntu-18.04

一个美好的早晨,我发现我不再可以在AWS ubuntu 18.04实例上SSH MySQL服务器。 简而言之,我完全删除了MySQL,然后重新安装了它。但是我仍然无法启动mysql。 错误消息包括行“有关详细信息,请参见“ systemctl状态mysql.service”和“ journalctl -xe”。 这是systemctl状态mysql.service响应:

ubuntu@ip-1xx-30-x-2xx:/$ systemctl status mysql.service
● mysql.service - MySQL Community Server
   Loaded: loaded (/lib/systemd/system/mysql.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Tue 2018-08-28 12:41:02 UTC; 2min 5s ago
  Process: 5067 ExecStart=/usr/sbin/mysqld --daemonize --pid-file=/run/mysqld/mysqld.pid (code=exite
  Process: 5045 ExecStartPre=/usr/share/mysql/mysql-systemd-start pre (code=exited, status=0/SUCCESS    
Aug 28 12:41:01 ip-xxx-30-0-xxx systemd[1]: mysql.service: Failed with result 'exit-code'.
Aug 28 12:41:01 ip-xxx-30-0-xxx systemd[1]: Failed to start MySQL Community Server.
Aug 28 12:41:02 ip-xxx-30-0-xxx systemd[1]: mysql.service: Service hold-off time over, scheduling re
Aug 28 12:41:02 ip-xxx-30-0-xxx systemd[1]: mysql.service: Scheduled restart job, restart counter is
Aug 28 12:41:02 ip-xxx-30-0-xxx systemd[1]: Stopped MySQL Community Server.
Aug 28 12:41:02 ip-xxx-30-0-xxx systemd[1]: mysql.service: Start request repeated too quickly.
Aug 28 12:41:02 ip-xxx-30-0-xxx systemd[1]: mysql.service: Failed with result 'exit-code'.
Aug 28 12:41:02 ip-xxx-30-0-xxx systemd[1]: Failed to start MySQL Community Server.

这是journalctl -xe响应:

ubuntu@ip-1xx-30-x-2xx:/$ journalctl -xe
    Aug 28 12:43:59 ip-xxx-30-0-xxx sshd[5180]: error: maximum authentication attempts exceeded for root from 58.218.92.43 port 14
    Aug 28 12:43:59 ip-xxx-30-0-xxx sshd[5180]: Disconnecting authenticating user root 58.218.92.43 port 14426: Too many authentic
    Aug 28 12:43:59 ip-xxx-30-0-xxx sshd[5180]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.
    Aug 28 12:43:59 ip-xxx-30-0-xxx sshd[5180]: PAM service(sshd) ignoring max retries; 6 > 3
    Aug 28 12:44:05 ip-xxx-30-0-xxx sshd[5197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser=
    Aug 28 12:44:07 ip-xxx-30-0-xxx sshd[5197]: Failed password for root from 58.218.92.43 port 10186 ssh2
    Aug 28 12:44:10 ip-xxx-30-0-xxx sshd[5197]: Failed password for root from 58.218.92.43 port 10186 ssh2

    .
    .

。并一遍又一遍地重复。我对IP 58.218.92.43一无所知;

问题是我被黑客入侵了吗?以及如何摆脱困境?

0 个答案:

没有答案