Hello everyone, I am Jay Chou
However, on this day, Redis worked as usual, and soon received a SAVE command.
Although this Redis is often used as a cache, the data only exists in the memory, but the data in the memory can be saved to a disk file for persistent storage SAVE
I saw that Redis had just opened the file and was about to write, but a few big guys suddenly rushed out to capture it from nowhere.
what is the problem? Redis looked dumbfounded.
This matter has to be talked about a month ago.
Mining virus
A month ago, the sudden sound of an alarm broke the silence of the Linux empire at night, and the CPU usage suddenly soared, but no one did it. With unhide , the hidden process was finally discovered. I thought the crisis had been resolved, but unexpectedly...It was late at night, and the security alarm suddenly sounded again.
"Minister, the rm kid is a fake, he lied to us today, the mining virus was not deleted at all, and he is making a comeback!"
The Minister of Security looked at the sky in the distance, and the fan at the entrance of the CPU factory began to spin frantically again...
In desperation, the minister had to summon everyone again.
unhide once again used housekeeping skills to catch several hidden processes. Brother Kill took their pid, raised the knife in his hand, and moved swiftly and neatly.
This time, before finding the real rm , the Minister personally cleaned up these program files.
"Minister, it's not a way to go on like this. If you delete it and do it again, you have to think of a long-term plan!" said top
"Be sure to find out the real murderer behind!", ps said.
"How they got in, we must investigate clearly!" netstat said.
"Yes, yes, that is," everyone agreed.
The minister stood up and said, "Everyone is right. Before you come, I have arranged for an assistant to check, and I believe there will be clues soon."
At this time, the firewall stepped forward and said: "In order to prevent leakage of messages, it is recommended to stop all network connections."
"Well, these three shifts in the middle of the night will not have a big impact on the business, stop it!" said the Minister of Security.
Not long after, the assistant rushed back in a hurry, whispering in the minister's ear, and the security minister's face changed suddenly when he heard it.
"Sshd stay a while, others can withdraw first", the minister said.
Everyone dispersed, leaving only sshd, unconsciously panicked.
"Wait a minute, kill kill too," the minister added.
Upon hearing this, sshd's heartbeat quickened even more.
The assistant closed the door, and the Minister of Security said softly: "According to the news just received, someone has logged in illegally. This mining virus is very likely to be uploaded remotely."
When sshd heard this, he was shocked and asked hurriedly: "Did the login password have been leaked?"
"It should be no, it is the public and private key without secret," the assistant on the side replied.
"Look, in the /root/.ssh/authorized_keys file, we found a new login public key, which was not available before." Then, the assistant output the contents of the file:
[root@xuanyuan ~]# cat .ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABA······"Never I did it," sshd hurriedly dismissed it.
"Remote login, isn't this the business you are in charge of?" the assistant asked.
"It's true that I am responsible, but I just follow the procedures. The prerequisite for him to log in with the public and private keys is to write in the public key first, so who wrote it in, this is the key!", sshd said arrive.
"That's right, don't be nervous, think about it, have you seen anyone touched this file?", the minister tapped sshd on the shoulder and said.
"This is not paying attention"
The Minister frowned, walked a few steps back and forth, and said, "Okay, let's clean up the public key first. After going back, keep an eye on this file and report it to me as soon as someone visits."
"Okay", sshd left afterwards and found himself in a cold sweat.
Murderer emerges
As time passed, one month passed.
Since the public key in the authorized_keys file was cleaned up, the Linux empire has finally been at peace for a while, and the mining virus invasion incident has gradually been forgotten.
It was late that night, and sshd was dozing off.
Suddenly, with a "bang" sound, sshd woke up, opened his eyes and found that a program broke into the /root/.ssh directory!
At this time, sshd has no sleep. After waiting for more than a month, is this guy about to show up?
sshd became nervous, but who would it be?
At this moment, sshd stared at the authorized_keys file closely, and did not dare to blink, for fear of missing something.
Sure enough, a figure came over, walked straight to the file, and then opened it!
sshd didn't dare to hesitate, and hurriedly sent a message to the Assistant Secretary of Security.
The back turned around, and sshd saw his face clearly, it turned out to be Redis!
The minister who received the news rushed over, and before Redis could write the data, he stepped forward and held him down.
"Good guy, I didn't expect the ghost to be you!" sshd said proudly.
Redis looked at everyone with a grievance, "What are you doing? I didn't do anything bad."
"People get stolen and get, and you still deny it? Let's just say, why did you write the authorized_keys file?"
"That's because I want to perform data persistent storage and write the data in memory to a file for storage," Redis replied.
"Why do you write to the authorized_keys file for persistent storage?" sshd continued to question.
"I just received a few commands, and this is the file name for setting up persistent storage, don't believe me." After all, Redis took out the few commands it just received:
CONFIG SET dir /root/.ssh
CONFIG SET dbfilename authorized_keys
SAVE"The first one specifies the save path, the second one specifies the file name to save, and the third one is to save the data to the file", Redis continued to explain.
The Minister of Security looked at several commands carefully and said, "Show me the data you want to write."
"This is a lot, wait a minute." After all, Redis took out all the key-value data and scattered them all over the place.
Everyone was dazzled by a large piece of data.
"Look, minister!" sshd suddenly yelled.
Following the direction of his finger, a striking public key appeared in front of everyone.
ssh-rsa AAAAB3NzaC1yc2EAA···"Sure enough, it's you!"
Redis was still dumbfounded and didn't know what happened.
"You guy, you have been used as a gun! The file you wrote is not an ordinary file. If you write it in, others can log in remotely. This is how the previous mining virus came in!", sshd Speaking of.
Upon hearing this, Redis was so frightened that he quickly cut off the network connection.
"Who is it that gave you the order and how did it connect to you?" the minister asked.
Redis lowered his head in embarrassment, and only said: "You tell me, I don't have a password by default, anyone can connect in."
The security minister's eyes widened at hearing, and he left angrily.
With only one yell, Old Brother Kill raised the knife again.
Easter eggs
"Minister, it's not good"
"What's the matter, panicked"
"My data is all encrypted!", MySQL said breathlessly...
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用。你还可以使用@来通知其他用户。