Date: Mon, 21 Jan 2008 13:19:06 +0200 From: Tuomo Latto <djv@iki.fi> To: freebsd-security@freebsd.org Subject: Re: denyhosts-like app for MySQLd? Message-ID: <47947FAA.6040605@iki.fi> In-Reply-To: <47946AD3.2020601@opengea.org> References: <47946AD3.2020601@opengea.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Jordi Espasa Clofent wrote: > żIs there any app like denyhosts[1] but intended for MySQLd service? > > We have a mysql ports (3306) opened for remote connections, and > obviously the /var/db/mysql/machine_name.log is full of these kind of > entries: > > ........... > 936012 Connect Access denied for user 'user'@'85.19.95.10' (using > password: YES) > 936013 Connect Access denied for user 'user'@'85.19.95.10' (using > password: YES) > 936014 Connect Access denied for user 'user'@'85.19.95.10' (using > password: YES) > 936016 Connect Access denied for user 'user'@'85.19.95.10' (using > password: YES) > 936018 Connect Access denied for user 'user'@'85.19.95.10' (using > password: YES) > 936019 Connect Access denied for user 'user'@'85.19.95.10' (using > password: YES) > ............. > > The idea is blocking the abusive IPs in automated way. > > [1] http://denyhosts.sourceforge.net/ How about ports/security/bruteblock? No OOTB support, but adding it should be very easy. (You just write a config file for it.) -- Tuomo ... All I want is a warm bed, a kind word and unlimited power
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?47947FAA.6040605>