If it's a DoS attack then perhaps you should be speaking to your ISP and
getting that resolved rather than trying to work around the problem on
your side of things!
Having said that, you could possibly impose host level restrictions in
MySQL, but that could be a lot of work to modify your existing user
base, especially since you'd need to gather all your remote host
information first, and then do all the updates. Cheers.
J.R. Bullington wrote:
> Hi All --
> I have been a member of this list for a while but I actually have a
> question that I can't answer.
> MySQL v4.1.14-nt on Win2k3 Server
> I've got someone who is trying to get in, but I have locked it down.
> Methods used include, but are not limited to:
> No Outside Root Access
> System DSNs for Web connectivity
> Strong Passwords for each user
> User Permissions different for each purpose
> Here's the question -- It's a DoS attack and it's locking up the system
> for other users (max_connections_allowed).
> Anything I can do extra via MySQL that will keep this person away, or
> perhaps free up the server? I would rather not increase the
> max_conn_allowed var as it's already at 800 (more than I need).
> Do not have access to the Router (I wish I did, ACLs are such a great
> thing), but have full Admin rights to the server.
> Thanks everyone!