Date: Mon, 21 Jan 2008 21:57:22 +0100 From: Jeremie Le Hen <jeremie@le-hen.org> To: Jordi Espasa Clofent <jordi.espasa@opengea.org> Cc: freebsd-security@freebsd.org Subject: Re: [fbsd] denyhosts-like app for MySQLd? Message-ID: <20080121205722.GA62295@obiwan.tataz.chchile.org> In-Reply-To: <47946AD3.2020601@opengea.org> References: <47946AD3.2020601@opengea.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, On Mon, Jan 21, 2008 at 10:50:11AM +0100, Jordi Espasa Clofent wrote: > We have a mysql ports (3306) opened for remote connections, and obviously > the /var/db/mysql/machine_name.log is full of these kind of entries: > > ........... > 936012 Connect Access denied for user 'user'@'85.19.95.10' (using > password: YES) > 936013 Connect Access denied for user 'user'@'85.19.95.10' (using > password: YES) > 936014 Connect Access denied for user 'user'@'85.19.95.10' (using > password: YES) > 936016 Connect Access denied for user 'user'@'85.19.95.10' (using > password: YES) > 936018 Connect Access denied for user 'user'@'85.19.95.10' (using > password: YES) > 936019 Connect Access denied for user 'user'@'85.19.95.10' (using > password: YES) > ............. > > The idea is blocking the abusive IPs in automated way. > > [1] http://denyhosts.sourceforge.net/ You may have a look at Fail2Ban: http://www.fail2ban.org/wiki/index.php/Features -- Jeremie Le Hen < jeremie at le-hen dot org >< ttz at chchile dot org >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080121205722.GA62295>