Jordi Espasa Clofent wrote:
Hi all,
¿Is there any app like denyhosts[1] but intended for MySQLd service?
We have a mysql ports (3306) opened for remote connections, and
obviously the /var/db/mysql/machine_name.log is full of these kind of
entries:
...........
936012 Connect Access denied for user 'user'@'85.19.95.10' (using
password: YES)
936013 Connect Access denied for user 'user'@'85.19.95.10' (using
password: YES)
936014 Connect Access denied for user 'user'@'85.19.95.10' (using
password: YES)
936016 Connect Access denied for user 'user'@'85.19.95.10' (using
password: YES)
936018 Connect Access denied for user 'user'@'85.19.95.10' (using
password: YES)
936019 Connect Access denied for user 'user'@'85.19.95.10' (using
password: YES)
.............
The idea is blocking the abusive IPs in automated way.
why do you open your mysql port to the world?
if you want to let users in from any place, then an ssh tunnel is safer
(yes, works even on windows, using putty or whatever. and a user who
finds this difficult shouldn't be able to run sql commands!).
If this is too much, at least use a different port to reduce the noise
(This won't add security, but will somehow limit exposure).
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
