Over 3.6 million MySQL servers exposed on the Internet.
2 min readOver 3.6 million MySQL servers exposed on the Internet.
- An American company made 0.7nm chips: EUV lithography machines can’t do it
- CVE-2007-4559 Python vulnerability ignored for 15 years puts 350,000 projects at risk of code execution
- RISC-V only takes 12 years to achieve the milestone of 10 billion cores
- 14000 cores + 450W: RTX 4080 graphics card perfectly replaces the RTX 3080
- Big upgrade: The difference between Bluetooth 5.0 and 5.2
- Geeks Disappointed that RTX 4080/4090 doesn’t come with PCIe 5.0
- What are advantages and disadvantages of different load balancing?
Over 3.6 million MySQL servers exposed on the Internet.
The Shadowserver Foundation , a cybersecurity research group , scanned for accessible MySQL server instances on port 3306/TCP and found that about 2.3 million IPv4 addresses responded to queries, and more than 1.3 million IPv6 devices responded (although most of them were related to a single Autonomous System related).
Data on accessible MySQL instances can be viewed in the Accessible MySQL Server Report .
The detailed scan data is as follows (from May 26, 2022):
- Total MySQL scanned over IPv4: 3,957,457
- Total MySQL scanned over IPv6: 1,421,010
- Total MySQL servers reachable on IPv4: 2,279,908
- Total MySQL servers reachable on IPv6: 1,343,993
Overall, 67% of all MySQL services found were accessible from the Internet (both IPv4 and IPv6).
This means that there are more than 3.6 million MySQL servers that are easy targets for hackers and extortionists. “While we did not examine possible access levels or exposure of specific databases, this exposure is a potential attack surface that should be closed,” Shadow Server explained.
By country, the countries with the most accessible IPv4 MySQL servers are the US (740.1K), China (296.3K), Poland (207.8K) and Germany (174.9K); the most accessible IPv6 The MySQL server countries are the United States (460.8K), the Netherlands (296.3K), Singapore (218.2K), and Germany (173.7K).
Users who want to learn how to securely deploy a MySQL server and eliminate potential security holes that may lurk in their systems .
- Shadow Server recommends reading the MySQL 5.7 Secure Deployment Guide
- MySQL 8.0 Secure Deployment Guide
- DIY a PBX (Phone System) on Raspberry Pi
- How to host multiple websites on Raspberry Pi 3/4?
- A Free Intercom/Paging system with Raspberry pi and old Android phones
- DIY project: How to use Raspberry Pi to build DNS server?
- Raspberry Pi project : How to use Raspberry Pi to build git server?