本帖最後由 Okt04175 於 2021-12-18 16:54 編輯
我畀log4j2漏洞問題燒到埋身,一查發現係同Guest帳號同QuickConnect有關,唔係隻私人NAS啲HDD突然嘈咗接近兩日唔去查下都唔知log4j2漏洞問題會同NAS有關。
「而家問題係QuickConnect Server有漏洞畀駭客入侵攞到Client連線資料咁先搵到我新嗰部NAS,繼而嘗試用Guest身份同埋各種協議連過嚟炸。之前都冇事,一有事就係開咗QuickConnect嗰部先有事。」
如果有用Synology NAS記得「停用Guest帳號同QuickConnect」甚至再喺Router攞過新嘅動態IP,我新嗰隻Synology NAS「開咗QuickConnect同埋冇停用Guest帳號」結果畀185.220.101.185呢個IP持續咁炸咗接近兩日 (185.220.101.185係駭客利用log4j2漏洞去進行攻擊嘅其中一個IP),舊嗰隻Synology NAS係「雖然冇停用Guest帳號但係冇開到QuickConnect」就完全冇事,懷疑QuickConnect Server已經奶晒野班駭客可以從QuickConnect Server嗰Client List再搵目標去攻擊入侵。
P.S.兩部NAS都有放Port出街。
QuickConnect果然係招惹攻擊入侵用嘅。方便同安全始終難以兼顧。
駭客利用log4j攻擊IP情報
如下是我們截查到的利用 log4j2 漏洞進行攻擊的部份 IP 列表,有需要的使用者可根據該列表自行檢查:
104.244.72.115, 104.244.74.211, 104.244.74.57, 104.244.76.170, 107.189.1.160, 107.189.1.178, 107.189.12.135, 107.189.14.98, 109.237.96.124, 109.70.100.34, 116.24.67.213, 122.161.50.23, 131.153.4.122, 134.122.34.28, 137.184.102.82, 137.184.106.119, 142.93.34.250, 143.198.32.72, 143.198.45.117, 147.182.167.165, 147.182.169.254, 147.182.219.9, 151.115.60.113, 159.65.155.208, 159.65.58.66, 164.90.199.216, 167.71.13.196, 167.99.164.201, 167.99.172.213, 167.99.172.58, 171.25.193.20, 171.25.193.25, 171.25.193.77, 171.25.193.78, 178.62.79.49, 181.214.39.2, 18.27.197.252, 185.100.87.202, 185.100.87.41, 185.100.87.41, 185.107.47.171, 185.107.47.171, 185.129.61.1, 185.220.100.240, 185.220.100.241, 185.220.100.242, 185.220.100.243, 185.220.100.244, 185.220.100.245, 185.220.100.246, 185.220.100.247, 185.220.100.248, 185.220.100.249, 185.220.100.252, 185.220.100.253, 185.220.100.254, 185.220.100.255, 185.220.101.129, 185.220.101.134, 185.220.101.134, 185.220.101.138, 185.220.101.139, 185.220.101.141, 185.220.101.142, 185.220.101.143, 185.220.101.144, 185.220.101.145, 185.220.101.147, 185.220.101.148, 185.220.101.149, 185.220.101.153, 185.220.101.154, 185.220.101.154, 185.220.101.156, 185.220.101.157, 185.220.101.158, 185.220.101.160, 185.220.101.161, 185.220.101.163, 185.220.101.168, 185.220.101.169, 185.220.101.171, 185.220.101.172, 185.220.101.175, 185.220.101.177, 185.220.101.179, 185.220.101.180, 185.220.101.181, 185.220.101.182, 185.220.101.185, 185.220.101.186, 185.220.101.189, 185.220.101.191, 185.220.101.33, 185.220.101.34, 185.220.101.35, 185.220.101.36, 185.220.101.37, 185.220.101.41, 185.220.101.42, 185.220.101.43, 185.220.101.45, 185.220.101.46, 185.220.101.49, 185.220.101.54, 185.220.101.55, 185.220.101.56, 185.220.101.57, 185.220.101.61, 185.220.101.61, 185.220.102.242, 185.220.102.249, 185.220.102.8, 185.38.175.132, 185.83.214.69, 188.166.122.43, 188.166.48.55, 188.166.92.228, 193.189.100.195, 193.189.100.203, 193.218.118.183, 193.218.118.231, 193.31.24.154, 194.48.199.78, 195.176.3.24, 195.19.192.26, 195.254.135.76, 198.98.51.189, 199.195.250.77, 204.8.156.142, 205.185.117.149, 20.71.156.146, 209.127.17.242, 209.141.41.103, 2.10.206.71, 212.193.57.225, 217.163.23.58, 23.129.64.131, 23.129.64.131, 23.129.64.141, 23.129.64.146, 23.129.64.148, 45.12.134.108, 45.137.21.9, 45.153.160.131, 45.153.160.138, 45.155.205.233, 46.166.139.111, 46.182.21.248, 51.15.43.205, 51.255.106.85, 54.173.99.121, 62.102.148.69, 62.76.41.46, 68.183.198.247, 68.183.44.143, 72.223.168.73, 81.17.18.60, 88.80.20.86 |
簡體版
訂閱頻道
訂閱電子報
發表於 2021-12-17 22:37
| 
