Blocking 3306 with iptables -A INPUT -p tcp --dport 3306

Tags
127.0.0.1, blocking, iptables, mysql, security

Login to Reply

 
Thread Tools Search this Thread
# 1  
Old 1 Week Ago
Blocking 3306 with iptables -A INPUT -p tcp --dport 3306

Just added these lines to our server firewall:

Code:
iptables -A INPUT -p tcp --dport 3306 -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT
iptables -A INPUT -p tcp --dport 3306 -j DROP

Even though mysql is configured to correctly only listen on port 127.0.0.1 we still see these mysql log file notes on a daily basis:

Code:
-rw-r----- 1 mysql adm 7554 Dec  3 13:34 error.log
$:/var/log/mysql# cat error.log
2018-12-03T19:34:32.308315Z 199800 [Note] Access denied for user 'popa3d'@'localhost' (using password: YES)
2018-12-03T19:34:32.899538Z 199804 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:33.068443Z 199808 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:33.255453Z 199810 [Note] Access denied for user 'wordpress'@'localhost' (using password: YES)
2018-12-03T19:34:33.463786Z 199812 [Note] Access denied for user 'wordpress'@'localhost' (using password: YES)
2018-12-03T19:34:33.675176Z 199814 [Note] Access denied for user 'wordpress'@'localhost' (using password: YES)
2018-12-03T19:34:33.874290Z 199816 [Note] Access denied for user 'wordpress'@'localhost' (using password: YES)
2018-12-03T19:34:34.042164Z 199820 [Note] Access denied for user 'wp'@'localhost' (using password: YES)
2018-12-03T19:34:34.230901Z 199822 [Note] Access denied for user 'blog'@'localhost' (using password: YES)
2018-12-03T19:34:34.403203Z 199824 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:34.619132Z 199826 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:34.810399Z 199828 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:35.000118Z 199830 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:35.199419Z 199832 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:35.359124Z 199834 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:35.529040Z 199836 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:35.733272Z 199838 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:35.913238Z 199840 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:36.094208Z 199842 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:36.244023Z 199846 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:36.439876Z 199852 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:36.620243Z 199856 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:36.830931Z 199858 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:36.995763Z 199860 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:37.289531Z 199864 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:37.454187Z 199868 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:37.733327Z 199870 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:37.896228Z 199872 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:38.116020Z 199874 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:38.304666Z 199876 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:38.478006Z 199878 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:38.655204Z 199880 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:38.828087Z 199882 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:39.002599Z 199888 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:39.169972Z 199892 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:39.349192Z 199894 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:39.610406Z 199896 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:39.783774Z 199898 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:39.985808Z 199902 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:40.191497Z 199905 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:40.379480Z 199907 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:40.562804Z 199909 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:40.761173Z 199911 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:40.931679Z 199913 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:41.100190Z 199915 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:41.287493Z 199917 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:41.461567Z 199919 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:41.635796Z 199921 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:41.815910Z 199923 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:42.024383Z 199925 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:42.209238Z 199927 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:42.434433Z 199929 [Note] Access denied for user 'root'@'localhost' (using password: YES)
2018-12-03T19:34:42.588499Z 199933 [Note] Access denied for user 'shop'@'localhost' (using password: YES)
2018-12-03T19:34:42.819320Z 199935 [Note] Access denied for user 'shopdb'@'localhost' (using password: YES)
2018-12-03T19:34:43.050979Z 199937 [Note] Access denied for user 'ueer'@'localhost' (using password: YES)
2018-12-03T19:34:43.279000Z 199941 [Note] Access denied for user 'nas'@'localhost' (using password: YES)
2018-12-03T19:34:43.461111Z 199944 [Note] Access denied for user 'pma'@'localhost' (using password: YES)
2018-12-03T19:34:43.685673Z 199947 [Note] Access denied for user 'sql'@'localhost' (using password: YES)
2018-12-03T19:34:43.888265Z 199949 [Note] Access denied for user 'dbs'@'localhost' (using password: YES)
2018-12-03T19:34:44.071929Z 199951 [Note] Access denied for user 'money'@'localhost' (using password: YES)
2018-12-03T19:34:44.239266Z 199953 [Note] Access denied for user 'apache'@'localhost' (using password: YES)
2018-12-03T19:34:44.447544Z 199955 [Note] Access denied for user 'http'@'localhost' (using password: YES)
2018-12-03T19:34:44.691051Z 199959 [Note] Access denied for user 'web'@'localhost' (using password: YES)
2018-12-03T19:34:44.870257Z 199963 [Note] Access denied for user 'nginx'@'localhost' (using password: YES)
2018-12-03T19:34:45.067706Z 199965 [Note] Access denied for user 'joomla'@'localhost' (using password: YES)
2018-12-03T19:34:45.297600Z 199967 [Note] Access denied for user 'project'@'localhost' (using password: YES)
2018-12-03T19:34:45.510618Z 199969 [Note] Access denied for user 'db'@'localhost' (using password: YES)
2018-12-03T19:34:45.691487Z 199971 [Note] Access denied for user 'admin'@'localhost' (using password: YES)
2018-12-03T19:34:45.873751Z 199973 [Note] Access denied for user 'admin'@'localhost' (using password: YES)
2018-12-03T19:34:46.093504Z 199975 [Note] Access denied for user 'admin'@'localhost' (using password: YES)
2018-12-03T19:34:46.249483Z 199977 [Note] Access denied for user 'admin'@'localhost' (using password: YES)

Let's see if the entries in the log files go away.
Login to Reply

|
Thread Tools Search this Thread
Search this Thread:
Advanced Search

Similar Threads More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
Which are blocking and non-blocking api's in sockets in C ? VSSajjan Programming 2 07-31-2014 06:46 PM
Too much TCP retransmitted and TCP duplicate on server Oracle Solaris 10 insatiable1610 Solaris 2 04-10-2014 05:25 AM
[C++] [Unix] TCP non-blocking. Detect server disconnection procedure over, from client. ikeban Programming 2 01-12-2012 05:05 AM
[SOLVED] No INPUT chain on nat table in iptables Narnie UNIX for Advanced & Expert Users 0 11-03-2011 05:20 PM
IP Tables Add Open Port 3306 fspalero Linux 7 08-09-2011 04:49 PM
ps blocking steadyonabix UNIX for Advanced & Expert Users 0 07-13-2010 04:26 PM
[Linux] Blocking Your w00tw00ts with iptables Neo Security 10 04-09-2010 03:03 PM
URL blocking with iptables shrinuvas Debian 1 03-06-2009 03:58 AM
Number of bytes in terminal input queue w/o blocking and consuming? Lucy.Garfeld Programming 4 01-30-2009 01:04 PM
RedHat9:How to find what is blocking the port 1526/tcp Juhasz Lajos Security 0 02-14-2005 04:11 PM
Open Port 3306 for MySQL connection gdboling Security 4 04-22-2002 05:31 PM
All times are GMT -4. The time now is 12:31 PM.

Unix & Linux Forums Content Copyright 1993-2018. All Rights Reserved.