MySQL远程连接的rDNS安全
[英]rDNS security of MySQL remote connections
问题描述
Consider a MySQL server that accepts remote connections. 
考虑一个接受远程连接的MySQL服务器。
What happens if you have a publicly facing MySQL server, and grant access to eg: 'sqluser'@'localhost' 如果您拥有面向公众的MySQL服务器并授予对以下权限的访问权限,例如: 'sqluser'@'localhost'
If an attacker now sets his rDNS to "localhost", will he able to access this database? 如果攻击者现在将其rDNS设置为“ localhost”,他是否可以访问该数据库?
Is there an extra check that also tries to resolve the rDNS back to the IP? 是否有额外的检查也尝试将rDNS解析回IP?
Regardless, database servers shouldn't be internet facing, but this a what-if-question. 无论如何,数据库服务器不应面向互联网,但这是一个假设问题。
1 个解决方案
解决方案1
0 已采纳 2014-07-10 19:11:58
It appears that MySQL uses forward-confirmed reverse DNS (FCrDNS) to counter these kind of attacks. 看来MySQL使用前向确认反向DNS (FCrDNS)来对抗此类攻击。
Most of the logic for the hostname checks can be found in sql/hostname.cc . 主机名检查的大多数逻辑都可以在sql/hostname.cc找到。 Moreover, several checks are also performed to make sure that the rDNS doesn't contain an IP or is otherwise poisoned . 此外,还执行了一些检查,以确保rDNS不包含IP或被中毒 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.