{"id":1035,"date":"2021-11-18T09:01:52","date_gmt":"2021-11-18T02:01:52","guid":{"rendered":"https:\/\/vietserver.vn\/blog\/?p=1035"},"modified":"2021-11-18T09:01:52","modified_gmt":"2021-11-18T02:01:52","slug":"huong-dan-kiem-tra-dam-bao-an-toan-cho-may-chu","status":"publish","type":"post","link":"https:\/\/vietserver.vn\/blog\/huong-dan-kiem-tra-dam-bao-an-toan-cho-may-chu\/","title":{"rendered":"H\u01b0\u1edbng d\u1eabn ki\u1ec3m tra \u0111\u1ea3m b\u1ea3o an to\u00e0n cho M\u00e1y ch\u1ee7"},"content":{"rendered":"<p>Th\u1eddi gian v\u1eeba qua xu\u1ea5t hi\u1ec7n m\u1ed9t s\u1ed1 ph\u1ea7n m\u1ec1m chuy\u00ean d\u1ee5ng scan password VPS \u0111\u1ec3 truy c\u1eadp tr\u00e1i ph\u00e9p. Sau khi nh\u1eadn \u0111\u01b0\u1ee3c ph\u1ea3n \u00e1nh c\u1ee7a 1 s\u1ed1 kh\u00e1ch h\u00e0ng, ch\u00fang t\u00f4i ngay l\u1eadp t\u1ee9c ti\u1ebfn h\u00e0nh ph\u00e2n t\u00edch k\u1ef9 thu\u1eadt.<\/p>\n<p>C\u00e1c ph\u00e2n t\u00edch b\u00ean d\u01b0\u1edbi d\u1ef1a tr\u00ean k\u1ebft qu\u1ea3 th\u1ef1c nghi\u1ec7m \u0111\u01b0\u1ee3c ch\u00ednh b\u1ed9 ph\u1eadn support v\u00e0 k\u1ef9 thu\u1eadt c\u1ee7a Vietserver th\u1ef1c hi\u1ec7n. Ch\u00fang t\u00f4i \u0111\u00e3 th\u1eed nghi\u1ec7m t\u1ea1o 1 s\u1ed1 VPS v\u1edbi 1 m\u1eadt kh\u1ea9u th\u00f4ng d\u1ee5ng.\u00a0K\u1ebft qu\u1ea3 l\u00e0 ch\u1ec9 trong v\u00f2ng 24h, to\u00e0n b\u1ed9 \u0111\u00e3 b\u1ecb hack v\u00e0o v\u00e0 b\u1ecb change password ho\u1eb7c t\u1ea1o th\u00eam user m\u1edbi. Duy nh\u1ea5t 1 VPS th\u1eed nghi\u1ec7m \u0111\u00e3 change port 3389 sang 1 port kh\u00e1c l\u00e0 v\u1eabn an to\u00e0n.<\/p>\n<p><strong>Ph\u01b0\u01a1ng th\u1ee9c ho\u1ea1t \u0111\u1ed9ng:<\/strong><\/p>\n<ul>\n<li>S\u1eed d\u1ee5ng ph\u1ea7n m\u1ec1m d\u00f2 c\u1ed5ng 3389 ho\u1eb7c 22 (port m\u1eb7c \u0111\u1ecbnh d\u1ecbch v\u1ee5 Remote Desktop tr\u00ean Windows v\u00e0 SSH tr\u00ean Linux)<\/li>\n<li>Sau khi \u0111\u00e3 c\u00f3 list \u0111\u1ecba ch\u1ec9 IPv4 \u0111ang m\u1edf 1 trong 2 c\u1ed5ng n\u00e0y s\u1ebd brute force v\u1edbi h\u00e0ng lo\u1ea1t user v\u00e0 m\u1eadt kh\u1ea9u d\u1ef1ng s\u1eb5n.\n<ul>\n<li>Danh s\u00e1ch m\u1eadt kh\u1ea9u d\u1ef1ng s\u1eb5n m\u00e0 Vietserver thu th\u1eadp \u0111\u01b0\u1ee3c t\u1eeb hacker:\u00a0<a href=\"https:\/\/drive.google.com\/file\/d\/19T-3GpEfZ_rtFQXvB0UghiRY1BPL92yt\/view\">https:\/\/drive.google.com\/file\/d\/19T-3GpEfZ_rtFQXvB0UghiRY1BPL92yt\/view<\/a><\/li>\n<li>Danh 10K \u0111\u1ecba ch\u1ec9 IPv4 b\u1ecb t\u1ea5n c\u00f4ng \u0111ang m\u1edf port 3389 t\u1ea1i Argentina Vietserver thu th\u1eadp \u0111\u01b0\u1ee3c t\u1eeb hacker (\u0111\u00e2y ch\u1ec9 l\u00e0 ri\u00eang\u00a0Argentina):\u00a0\u00a0<a href=\"https:\/\/drive.google.com\/file\/d\/1OKl7qwgE69FcP52R40PrN_8Gm5JdNbnE\/view\">https:\/\/drive.google.com\/file\/d\/1OKl7qwgE69FcP52R40PrN_8Gm5JdNbnE\/view<\/a><\/li>\n<\/ul>\n<\/li>\n<li>N\u1ebfu brute force m\u1eadt kh\u1ea9u th\u00e0nh c\u00f4ng, hacker s\u1ebd chi\u1ebfm quy\u1ec1n truy c\u1eadp VPS v\u00e0 th\u1ef1c hi\u1ec7n h\u00e0ng lo\u1ea1t c\u00e1c thay \u0111\u1ed5i. Vietserver \u0111\u00e3 theo d\u00f5i v\u00e0 ghi nh\u1eadn c\u00e1c c\u00e1ch m\u00e0 \u0111\u1ed1i t\u01b0\u1ee3ng th\u01b0\u1eddng s\u1eed d\u1ee5ng:\n<ul>\n<li>Truy c\u1eadp v\u00e0o c\u00e1c t\u00e0i kho\u1ea3n t\u00e0i ch\u00ednh m\u00e0 kh\u00e1ch h\u00e0ng \u0111\u00e3 l\u01b0u tr\u00ean VPS (Paypal, BTC, ETH&#8230;) v\u00e0 chi\u1ebfm \u0111o\u1ea1t =&gt;C\u1ef1c k\u1ef3 nguy hi\u1ec3m v\u00e0 thi\u1ec7t h\u1ea1i l\u1edbn.<\/li>\n<li>C\u00e0i \u0111\u1eb7t c\u00e1c ph\u1ea7n m\u1ec1m \u0111\u00e0o ti\u1ec1n m\u00e3 h\u00f3a.<\/li>\n<li>C\u00e0i \u0111\u1eb7t l\u1ea1i ch\u00ednh c\u00e1c ph\u1ea7n m\u1ec1m s\u1eed d\u1ee5ng \u0111\u1ec3 scan password =&gt;t\u1ea1o 1 m\u1ea1ng l\u01b0\u1edbi bot scan theo c\u1ea5p s\u1ed1 nh\u00e2n.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>Nguy hi\u1ec3m \u1edf ch\u1ed7, c\u00e1c \u0111\u1ed1i t\u01b0\u1ee3ng truy c\u1eadp v\u00e0o VPS v\u00e0 t\u1ea1o th\u00eam user v\u1edbi to\u00e0n quy\u1ec1n qu\u1ea3n tr\u1ecb (t\u00e0i kho\u1ea3n v\u00e0 m\u1eadt kh\u1ea9u qu\u1ea3n tr\u1ecb m\u00e0 kh\u00e1ch h\u00e0ng \u0111ang s\u1eed d\u1ee5ng kh\u00f4ng h\u1ec1 b\u1ecb thay \u0111\u1ed5i). C\u00f3 ngh\u0129a l\u00e0 Hacker<strong> c\u00f3 to\u00e0n quy\u1ec1n truy c\u1eadp v\u00e0o VPS song song v\u1edbi kh\u00e1ch h\u00e0ng m\u00e0 kh\u00e1ch h\u00e0ng kh\u00f4ng h\u1ec1 hay bi\u1ebft<\/strong>.<\/p>\n<p>N\u1ebfu c\u00e1c b\u1ea1n \u0111ang s\u1eed d\u1ee5ng VPS (<strong>b\u1ea5t k\u1ec3 c\u1ee7a Vietserver hay c\u1ee7a nh\u00e0 cung c\u1ea5p n\u00e0o kh\u00e1c<\/strong>) n\u1ebfu ch\u01b0a th\u1ef1c hi\u1ec7n n\u00e2ng cao b\u1ea3o m\u1eadt nh\u01b0 h\u01b0\u1edbng d\u1eabn \u1edf \u0111\u00e2y:\u00a0<a href=\"..\/..\/..\/..\/huong-dan\/huong-dan-bao-mat-vps.html\">https:\/\/vietserver.vn\/huong-dan\/huong-dan-bao-mat-vps.html<\/a>. Ho\u1eb7c cho d\u00f9 \u0111\u00e3 s\u1eed d\u1ee5ng r\u1ed3i th\u00ec c\u0169ng n\u00ean ki\u1ec3m tra l\u1ea1i theo h\u01b0\u1edbng d\u1eabn sau:<\/p>\n<p><strong>Hi\u1ec7n t\u01b0\u1ee3ng:<\/strong><\/p>\n<ul>\n<li><strong>Nghi ng\u1edd c\u00f3 truy c\u1eadp tr\u00e1i ph\u00e9p<\/strong> (b\u1ea1n \u0111ang s\u1eed d\u1ee5ng VPS m\u00e0 b\u1ecb dissconect ra ngo\u00e0i k\u00e8m th\u00f4ng b\u00e1o ng\u01b0\u1eddi d\u00f9ng kh\u00e1c \u0111\u00e3 truy c\u1eadp v\u00e0o), g\u1eb7p th\u00f4ng b\u00e1o nh\u01b0 h\u00ecnh:\u00a0<a href=\"https:\/\/imgur.com\/moqQVRk\">https:\/\/imgur.com\/moqQVRk<\/a><\/li>\n<li><strong>VPS gi\u1eadt lag b\u1ea5t th\u01b0\u1eddng, CPU t\u0103ng cao kh\u00f4ng do nguy\u00ean nh\u00e2n<\/strong> ho\u1eb7c <strong>nguy\u00ean nh\u00e2n do ph\u1ea7n m\u1ec1m l\u1ea1 \u0111ang ho\u1ea1t \u0111\u1ed9ng.<\/strong><\/li>\n<li><strong>VPS c\u1ee7a b\u1ea1n \u0111\u1ed9t nhi\u00ean b\u1ecb thay \u0111\u1ed5i m\u1eadt kh\u1ea9u<\/strong><\/li>\n<\/ul>\n<p><strong>C\u00e1ch ki\u1ec3m tra:<\/strong><\/p>\n<ul>\n<li><strong>C\u00e1ch 1:<\/strong> Tr\u00ean VPS chu\u1ed9t ph\u1ea3i v\u00e0o <strong>Start<\/strong> ch\u1ecdn <strong>Computer Management\u00a0<\/strong>t\u00ecm \u0111\u1ebfn<strong> Local User and Groups.\u00a0<\/strong>N\u1ebfu tr\u00ean\u00a0<strong>Local User and Groups,<\/strong> ch\u1ec9 hi\u1ec3n th\u1ecb duy nh\u1ea5t t\u00e0i kho\u1ea3n<strong> Administrator (ho\u1eb7c c\u00f3 th\u00eam t\u00e0i kho\u1ea3n Guest nh\u01b0ng b\u1ecb disable) <\/strong>th\u00ec c\u00e1c b\u1ea1n chuy\u1ec3n sang b\u01b0\u1edbc 2.\n<ul>\n<li>L\u01b0u \u00fd \u1edf c\u00e1ch n\u00e0y, n\u1ebfu kh\u00f4ng th\u1ec3 truy c\u1eadp\u00a0<strong>Local User and Groups <\/strong>ho\u1eb7c<strong> ph\u00e1t hi\u1ec7n c\u00f3 th\u00eam user l\u1ea1\u00a0<span style=\"color: #ff0000;\">th\u00ec c\u00f3 th\u1ec3 VPS c\u1ee7a b\u1ea1n \u0111\u00e3 b\u1ecb hack, l\u00fac n\u00e0y c\u1ea7n nhanh ch\u00f3ng backup d\u1eef li\u1ec7u v\u00e0 th\u1ef1c hi\u1ec7n c\u00e0i l\u1ea1i H\u1ec7 \u0111i\u1ec1u h\u00e0nh. Tuy\u1ec7t \u0111\u1ed1i kh\u00f4ng c\u1ed1 g\u1eafng x\u00f3a user l\u1ea1 ho\u1eb7c thay \u0111\u1ed5i password v\u00ec VPS c\u00f3 th\u1ec3 b\u1ecb hack l\u1ea1i b\u1ea5t c\u1ee9 l\u00fac n\u00e0o.<\/span><\/strong><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><strong><span style=\"color: #ff0000;\"><a href=\"..\/..\/..\/..\/storage\/uploads\/2019-08-24\/hack1_size_300x924.PNG\" data-rel=\"penci-gallery-image-content\"  target=\"_blank\" rel=\"noopener\"><img style=\"display: block; margin-left: auto; margin-right: auto;\" title=\"hack1\" src=\"..\/..\/..\/..\/storage\/uploads\/2019-08-24\/hack1_size_300x924.PNG\" alt=\"hack1\" \/><\/a><\/span><\/strong><\/p>\n<ul>\n<li><span style=\"color: #000000;\"><strong>C\u00e1ch 2: <\/strong>B\u1eadt<strong> Task Manager, <\/strong>ki\u1ec3m tra xem c\u00f3 ph\u1ea7n m\u1ec1m l\u1ea1 \u0111ang ch\u1ea1y chi\u1ebfm d\u1ee5ng nhi\u1ec1u t\u00e0i nguy\u00ean CPU\/RAM\/Network hay kh\u00f4ng.<\/span><\/li>\n<\/ul>\n<p><span style=\"color: #000000;\">\u0110\u1ec3 \u0111\u1ea3m b\u1ea3o an to\u00e0n th\u00f4ng tin v\u00e0 d\u1eef li\u1ec7u cho ch\u00ednh c\u00e1c b\u1ea1n, vui l\u00f2ng tham kh\u1ea3o c\u00e1c c\u00e1ch n\u00e2ng cao b\u1ea3o m\u1eadt cho VPS n\u00f3i ri\u00eang v\u00e0 Server n\u00f3i chung t\u1ea1i:\u00a0<a href=\"..\/..\/..\/..\/huong-dan\/huong-dan-bao-mat-vps.html\">https:\/\/vietserver.vn\/huong-dan\/huong-dan-bao-mat-vps.html<\/a>.\u00a0<\/span><\/p>\n<p><strong><span style=\"color: #000000;\">N\u1ebfu \u0111ang s\u1eed d\u1ee5ng d\u1ecbch v\u1ee5 c\u1ee7a Vietserver.vn v\u00e0 c\u1ea7n th\u00eam s\u1ef1 tr\u1ee3 gi\u00fap, vui l\u00f2ng li\u00ean h\u1ec7 Live Chat ho\u1eb7c Trung t\u00e2m CSKH\u00a0Vietserver.vn<\/span><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Th\u1eddi gian v\u1eeba qua xu\u1ea5t hi\u1ec7n m\u1ed9t s\u1ed1 ph\u1ea7n m\u1ec1m chuy\u00ean d\u1ee5ng scan password VPS \u0111\u1ec3 truy c\u1eadp tr\u00e1i ph\u00e9p. Sau khi nh\u1eadn \u0111\u01b0\u1ee3c ph\u1ea3n \u00e1nh c\u1ee7a 1 s\u1ed1 kh\u00e1ch&hellip;<\/p>\n","protected":false},"author":1,"featured_media":1036,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[13,15],"tags":[27,25,24,26],"_links":{"self":[{"href":"https:\/\/vietserver.vn\/blog\/wp-json\/wp\/v2\/posts\/1035"}],"collection":[{"href":"https:\/\/vietserver.vn\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/vietserver.vn\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/vietserver.vn\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/vietserver.vn\/blog\/wp-json\/wp\/v2\/comments?post=1035"}],"version-history":[{"count":0,"href":"https:\/\/vietserver.vn\/blog\/wp-json\/wp\/v2\/posts\/1035\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/vietserver.vn\/blog\/wp-json\/wp\/v2\/media\/1036"}],"wp:attachment":[{"href":"https:\/\/vietserver.vn\/blog\/wp-json\/wp\/v2\/media?parent=1035"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/vietserver.vn\/blog\/wp-json\/wp\/v2\/categories?post=1035"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/vietserver.vn\/blog\/wp-json\/wp\/v2\/tags?post=1035"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}