我已经创建了一个公共RDS(SQL Server)实例。对于我的项目要求,它必须是公开的。当我检查日志时,它显示了来自如下IP的数千次登录尝试失败的条目(我尝试在不同区域中创建多个实例,但仍然存在相同的问题)。任何帮助将不胜感激。谢谢。
错误日志:
2020-02-03 09:45:28.98 Logon Login failed for user 'sa'. Reason: Could not find a login matching the name provided. [CLIENT: 61.12.74.190]
2020-02-03 09:45:29.31 Logon Error: 18456, Severity: 14, State: 5.
2020-02-03 09:45:29.31 Logon Login failed for user 'sa'. Reason: Could not find a login matching the name provided. [CLIENT: 61.12.74.190]
2020-02-03 09:45:29.42 Logon Error: 18456, Severity: 14, State: 5.
2020-02-03 09:45:29.42 Logon Login failed for user 'mssqla'. Reason: Could not find a login matching the name provided. [CLIENT: 112.53.236.114]
2020-02-03 09:45:29.48 Logon Error: 18456, Severity: 14, State: 5.
2020-02-03 09:45:29.48 Logon Login failed for user 'sa'. Reason: Could not find a login matching the name provided. [CLIENT: 61.12.74.190]
2020-02-03 09:45:29.73 Logon Error: 18456, Severity: 14, State: 5.
2020-02-03 09:45:29.73 Logon Login failed for user 'sa'. Reason: Could not find a login matching the name provided. [CLIENT: 61.12.74.190]
2020-02-03 09:45:30.08 Logon Error: 18456, Severity: 14, State: 5.
2020-02-03 09:45:30.08 Logon Login failed for user 'sa'. Reason: Could not find a login matching the name provided. [CLIENT: 61.12.74.190]
作为临时修复,我将VPC的所有IP都列入了黑名单->网络ACL,对于几个IP,该解决方案可以,但是对于数百个IP,此解决方案非常痛苦,所以我期望效率更高解决此问题的方法。
NOTE:
我检查了AWS论坛,发现了一个非常古老且类似的问题,但没有答案https://forums.aws.amazon.com/thread.jspa?messageID=196538𯾺
而且,在stackoverflow Is this a brute force attempt? (AWS SQL Server)上发现了类似的问题,该问题也没有任何指定的解决方案。
通过其他方式更改默认的SQL Server端口1433