在phpmyadmin的状态页经常会看到”尝试失败”次数
但没有相关的日志可供查看,这里通过修改mysql参数来记录下”尝试失败”的操作。
1.修改my.conf
#默认为1,设为大于1时会记录’Access denied ‘
log-warnings =2
log = /opt/mysql/var/query_log.log
2.restart mysql 注意不是reload
/opt/mysql/bin/mysql.servier restart
3.测试非法用户访问
/opt/mysql/bin/mysql -u abc
/opt/mysql/bin/mysql -u test
4.查看日志
tail /opt/mysql/var/query_log.log
或者
cat /opt/mysql/var/query_log.log|grep ‘Access denied’
Tcp port: 3306 Unix socket: /opt/mysql/mysql.sock
Time Id Command Argument
090521 11:44:26 1 Connect Access denied for user ‘abc’@’localhost’ (using password: NO)
090521 11:44:51 2 Connect Access denied for user ‘test’@’localhost’ (using password: NO)
结论:
使用telnet 192.168.1.92 3306 或ie 访问192.168.1.92:3306 将不会记录在日志中;
但在phpmyadmin中看到尝试失败次数是统计在内的;
开启query_log会将所有的查询都存起来,所以慎用;
从5.1.6开始通–log-output 参数可以将query_log输出到table;
这一牛人通过改代码让query_log只输出“access denied”
http://dev.mysql.com/tech-resources/articles/advanced-bazaar.html
No Responses (yet)
Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.