denyhosts-like app for MySQLd?

mouss mouss at netoyen.net
Mon Jan 21 16:45:17 PST 2008


Jordi Espasa Clofent wrote:
> Hi all,
>
> Is there any app like denyhosts[1] but intended for MySQLd service?
>
> We have a MySQL port (3306) opened for remote connections, and 
> obviously the /var/db/mysql/machine_name.log is full of these kinds of 
> entries:
>
> ...........
> 936012 Connect     Access denied for user 'user'@'85.19.95.10' (using password: YES)
> 936013 Connect     Access denied for user 'user'@'85.19.95.10' (using password: YES)
> 936014 Connect     Access denied for user 'user'@'85.19.95.10' (using password: YES)
> 936016 Connect     Access denied for user 'user'@'85.19.95.10' (using password: YES)
> 936018 Connect     Access denied for user 'user'@'85.19.95.10' (using password: YES)
> 936019 Connect     Access denied for user 'user'@'85.19.95.10' (using password: YES)
> .............
>
> The idea is blocking the abusive IPs in an automated way.

Why do you open your MySQL port to the world?

If you want to let users in from any place, then an SSH tunnel is safer 
(yes, works even on Windows, using PuTTY or whatever, and a user who 
finds this difficult shouldn't be able to run SQL commands!).


If this is too much, at least use a different port to reduce the noise 
(this won't add security, but will somehow limit exposure).
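
The automated blocking asked about in the quoted message begins with counting failed logins per client address in the log format shown there. The following detection step is an added example, not part of either post and not denyhosts code. The function names, the threshold, the allow-list and every sample line except the 85.19.95.10 entry are constructed assumptions.

```python
import ipaddress
import re
from collections import Counter

# Failed-login entries as they appear in the log excerpt quoted above.
DENIED = re.compile(
    r"Connect\s+Access denied for user '(?P<user>[^']*)'@'(?P<host>[^']*)'"
)

def failed_logins(lines):
    """Yield (user, ip) for each failed login whose client host is a literal IP."""
    for line in lines:
        m = DENIED.search(line)
        if not m:
            continue  # not a failed-login entry
        try:
            ip = ipaddress.ip_address(m.group("host"))
        except ValueError:
            continue  # host logged as a name: cannot be blocked by address
        yield m.group("user"), ip

def offenders(lines, threshold=5, allow=()):
    """Return {ip: failures} for addresses at or above threshold,
    skipping any address inside an allow-listed network."""
    nets = [ipaddress.ip_network(n) for n in allow]
    counts = Counter(ip for _, ip in failed_logins(lines))
    return {
        str(ip): n
        for ip, n in counts.items()
        if n >= threshold and not any(ip in net for net in nets)
    }

# Constructed sample: the first entry repeats the line from the post, the
# rest use documentation address ranges and a made-up host name.
SAMPLE_LOG = (
    ["936012 Connect     Access denied for user 'user'@'85.19.95.10' (using password: YES)"] * 6
    + ["936020 Connect     Access denied for user 'app'@'192.0.2.7' (using password: YES)"] * 6
    + ["936030 Connect     Access denied for user 'root'@'203.0.113.5' (using password: NO)"] * 2
    + ["936040 Connect     Access denied for user 'root'@'db.example.org' (using password: YES)",
       "936041 Query       SELECT 1"]
)

if __name__ == "__main__":
    # 192.0.2.0/24 stands in for a trusted office network (assumption).
    for ip, n in sorted(offenders(SAMPLE_LOG, allow=["192.0.2.0/24"]).items()):
        print(f"{ip}\t{n} failed logins")
```

The returned addresses are candidates for a firewall block list; the allow-list keeps a legitimate client with a stale password from being locked out.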


More information about the freebsd-security mailing list