If it so happens that the server was hacked, is it possible to check on the basis of any logs or other records in the system whether there were no manipulations (whether changes were made to the data) with the databases after the moment of hacking?
|
1 answer
in general, it would be good to dump the databases once you have such a server and store this dump somewhere separately (the process can be automated). In addition, by default (at least, I constantly disable this option) the mysql server writes data to it in files with names like mysql-bin.000001 (stored by default in the server data storage folder). Now, if the option is not disabled, then you can see all the commands there. But however, this mode of logging server actions "eats" disk space with an enviable appetite.
danila 1 danila 1
575 3 9
|