MySQL Server includes a plugin library that enables administrators to introduce an increasing delay in server response to connection attempts after a configurable number of consecutive failed attempts. MySQL Server包含一个插件库,使管理员能够在连续失败尝试的可配置数量后,在服务器对连接尝试的响应中引入越来越大的延迟。This capability provides a deterrent that slows down brute force attacks against MySQL user accounts. The plugin library contains two plugins:此功能提供了一种威慑,可以减缓对MySQL用户帐户的暴力攻击。插件库包含两个插件:
CONNECTION_CONTROL checks incoming connection attempts and adds a delay to server responses as necessary. CONNECTION_CONTROL检查传入的连接尝试,并在必要时向服务器响应添加延迟。This plugin also exposes system variables that enable its operation to be configured and a status variable that provides rudimentary monitoring information.此插件还公开了使其操作能够配置的系统变量和提供基本监控信息的状态变量。
The CONNECTION_CONTROL plugin uses the audit plugin interface (see Writing Audit Plugins). CONNECTION_CONTROL插件使用审计插件接口(请参阅编写审计插件)。To collect information, it subscribes to the 为了收集信息,它订阅了MYSQL_AUDIT_CONNECTION_CLASSMASK event class, and processes MYSQL_AUDIT_CONNECTION_CONNECT and MYSQL_AUDIT_CONNECTION_CHANGE_USER subevents to check whether the server should introduce a delay before responding to connection attempts.MYSQL_AUDIT_CONNECTION_CLASSMASK事件类,并处理MYSQL_AUDIT_CONNECTION_CONNECT和MYSQL_AUDIT_CONNECTION_CHANGE_USER子事件,以检查服务器在响应连接尝试之前是否应该引入延迟。
CONNECTION_CONTROL_FAILED_LOGIN_ATTEMPTS implements an INFORMATION_SCHEMA table that exposes more detailed monitoring information for failed connection attempts.CONNECTION_CONTROL_FAILED_LOGIN_ATTEMPTS实现了一个INFORMATION_SCHEMA表,该表为失败的连接尝试提供了更详细的监控信息。
The following sections provide information about connection-control plugin installation and configuration. 以下部分提供了有关连接控制插件安装和配置的信息。For information about the 有关CONNECTION_CONTROL_FAILED_LOGIN_ATTEMPTS table, see Section 26.6.2, “The INFORMATION_SCHEMA CONNECTION_CONTROL_FAILED_LOGIN_ATTEMPTS Table”.CONNECTION_CONTROL_FAILED_LOGIN_ATTEMPTS表的信息,请参阅第26.6.2节,“INFORMATION_SCHEMA CONNECTION_CONTROL_CAILED_LOGIN_ATTEMPTS表”。