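MySQL error “could not be resolved: ..” and the thoughts it prompted
Source: Internet  Published: java read txt  Editor: 程序博客网  Time: 2024/06/08 08:06
This morning I noticed something odd with the MySQL replica. After reading through the replica's log I thought I'd look at the primary's error log too, and what a sight: all kinds of random IPs were showing up in the log. Has someone been brute-forcing the passwords..
- MySQL version 5.6.13
- CentOS 6.7
Error
The entries in the MySQL error log look like this: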
2017-06-04 09:29:19 45300 [Warning] IP address '123.206.224.80' could not be resolved: Temporary failure in name resolution
2017-06-04 09:56:13 45300 [Warning] IP address '118.194.128.7' could not be resolved: Temporary failure in name resolution
2017-06-04 09:56:13 45300 [Warning] IP address '118.194.128.7' could not be resolved: Temporary failure in name resolution
2017-06-04 09:56:13 45300 [Warning] IP address '118.194.128.7' could not be resolved: Temporary failure in name resolution
2017-06-04 09:56:13 45300 [Warning] IP address '118.194.128.7' could not be resolved: Temporary failure in name resolution
2017-06-04 09:56:14 45300 [Warning] IP address '118.194.128.7' could not be resolved: Temporary failure in name resolution
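Solution
By default MySQL performs a reverse DNS lookup on every client address and then checks whether that host is authorized. See "DNS Lookup Optimization and the Host Cache" in the MySQL manual.
The fix many people give is to edit /etc/my.cnf and then restart the service: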
[mysqld]
skip-host-cache
skip-name-resolve
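This setting also fixes the extremely slow connections caused by DNS resolution not working properly.
Thoughts
If your machine is exposed to the public Internet and these IPs are all unfamiliar, your MySQL server may have been scanned. Why are there no access denied errors in the log? Because logging them needs some extra configuration.
MySQL login auditing references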
- https://www.percona.com/blog/2012/12/28/auditing-login-attempts-in-mysql/
- https://serverfault.com/questions/65255/log-mysql-login-attempts
Option 1: use the general query log
Add to the configuration:
general_log_file = /var/log/mysql/mysql.log
general_log = 1
What the log looks like:
121227  8:32:18    39 Connect   root@localhost on
                   39 Connect   Access denied for user 'root'@'localhost' (using password: YES)
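The query log records every query, which costs the server far too much performance, so this option is no good. Pass.
Option 2: change the error log configuration
Change the configuration: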
log_warnings = 2
To avoid a restart on a production server, the setting can be changed online:
mysql> SHOW VARIABLES LIKE "%warning%";
+---------------+-------+
| Variable_name | Value |
+---------------+-------+
| log_warnings  | 1     |
| sql_warnings  | OFF   |
| warning_count | 0     |
+---------------+-------+
3 rows in set (0.00 sec)

mysql> set global log_warnings = 2;
Query OK, 0 rows affected (0.00 sec)
What the log looks like:
121227 8:44:21 [Warning] Access denied for user 'root'@'localhost' (using password: YES)
With this in place, grep can show when the bad guys came by:
sudo grep -E '[aA]ccess denied' /var/log/mysql/error.err
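Going one step beyond the grep above, this added example (not from the original post) groups the rejected logins by source host, so a scanning host stands out by its attempt count and the number of account names it tried. The names failed_logins_by_host and sample_log and the sample log lines are constructed for illustration; the line layouts follow the two error-log formats shown on this page.

```shell
#!/bin/sh
# Added example (not from the original post): per-host summary of rejected
# MySQL logins, read from an error log written with log_warnings = 2.

# Usage: failed_logins_by_host MIN < error.log
# Prints "count host users=N first=TS last=TS" for every source host with
# at least MIN rejected logins, busiest host first.
failed_logins_by_host() {
    min="${1:-1}"
    # Split on single quotes: ... user 'NAME'@'HOST' (using password: YES)
    awk -F"'" -v min="$min" '
        /[Aa]ccess denied for user / && NF >= 5 {
            # The user name is chosen by the client and may itself contain a
            # quote, so take the host from the end of the line, not field 4.
            host = $(NF - 1)
            user = $2
            # Timestamp = first two space-separated tokens; this covers both
            # the "121227  8:44:21" and "2017-06-04 09:56:13 45300" layouts.
            split($1, t, " ")
            ts = t[1] " " t[2]
            count[host]++
            if (!((host, user) in seen)) { seen[host, user] = 1; users[host]++ }
            if (!(host in first)) first[host] = ts
            last[host] = ts
        }
        END {
            for (h in count)
                if (count[h] >= min)
                    printf "%d %s users=%d first=%s last=%s\n",
                        count[h], h, users[h], first[h], last[h]
        }
    ' | sort -k1,1nr -k2,2
}

# Constructed sample log lines (documentation IP ranges, not real traffic).
sample_log() {
    cat <<'EOF'
2017-06-04 09:56:13 45300 [Warning] IP address '203.0.113.7' could not be resolved: Temporary failure in name resolution
2017-06-04 09:56:13 45300 [Warning] Access denied for user 'root'@'203.0.113.7' (using password: YES)
2017-06-04 09:56:14 45300 [Warning] Access denied for user 'admin'@'203.0.113.7' (using password: YES)
2017-06-04 09:56:15 45300 [Warning] Access denied for user 'root'@'203.0.113.7' (using password: YES)
2017-06-04 10:02:40 45300 [Warning] Access denied for user 'app'@'198.51.100.20' (using password: YES)
121227  8:44:21 [Warning] Access denied for user 'root'@'localhost' (using password: YES)
EOF
}

sample_log | failed_logins_by_host 2
```

Against a real log, run it as `sudo cat /var/log/mysql/error.err | failed_logins_by_host 5`, choosing the threshold to suit how noisy the server is.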
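Hardening
Don't allow access from the public Internet, or add an IP allowlist. If remote access has to be enabled and the clients' IPs can't be fixed, there is no good option; companies with reasonable resources generally have an internal network, a VPN, or a MySQL proxy type of solution.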