Nmap Development mailing list archives
Re: [NSE Script] MySQL Server Information
From: jah <jah () zadkiel plus com>
Date: Wed, 19 Dec 2007 00:09:11 +0000
On 18/12/2007 19:56, Kris Katterjohn wrote:
I added a check for too many connections, which I saw in the probes file. It should match the different little versions of it from there, though I didn't find a server with that error to test with.This was my challenge for the day, find a server that reported 1040 Too Many Connections. I couldn't. So I set about creating one and after much fiddling with users and the max_connections mysql variable and much hair-pulling, I conclude that the 1040 error seems only to occur after a login request is sent to the server. I was able to put my sql server in a state where it would respond with 1040, but only after login request. The Server Greeting is sent prior to this so the script can still get it's info. Therefore, I would say that the extra portrule may be unnecessary. I haven't made any changes though because it's not hurting anything and I may still be proved wrong...That's odd because there are multiple match lines in the -probes file that look for too many connections from just the banner (NULL probe). I guess we'll just have to see about that! :)
You're right. I've done alot of random scanning and not found anything though; yet. I certainly couldn't get my installation of mysql to respond in this way and I read [1] that mysql always allows 1 extra connection for a user with SUPER privs. so that they can still connect to diagnose problems in the event of max_connections reached. This would mean that a login request would have to be sent in order to verify that the login request was from a suitably privileged user. Anyone else would get the 1040 response. That still doesn't explain why it's in the service-probes file though, but I wonder if some servers simply run out of resources and report 1040.... Best to leave the portrule as it now, wouldn't you say? jah [1] http://dev.mysql.com/doc/refman/5.1/en/too-many-connections.html _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Re: [NSE Script] MySQL Server Information, (continued)
- Re: [NSE Script] MySQL Server Information jah (Dec 18)
- Re: [NSE Script] MySQL Server Information Brandon Enright (Dec 18)
- Re: [NSE Script] MySQL Server Information sawall (Dec 18)
- Re: [NSE Script] MySQL Server Information Kris Katterjohn (Dec 18)
- Re: [NSE Script] MySQL Server Information jah (Dec 18)
- Re: [NSE Script] MySQL Server Information Kris Katterjohn (Dec 18)
- Re: [NSE Script] MySQL Server Information Fyodor (Dec 18)
- RE: [NSE Script] MySQL Server Information Rob Nicholls (Dec 18)
- Re: [NSE Script] MySQL Server Information jah (Dec 18)
- Re: [NSE Script] MySQL Server Information Fyodor (Dec 18)
- Re: [NSE Script] MySQL Server Information jah (Dec 18)
- RE: [NSE Script] MySQL Server Information Rob Nicholls (Dec 18)
- Re: [NSE Script] MySQL Server Information Thomas Buchanan (Dec 18)
- Re: [NSE Script] MySQL Server Information sawall (Dec 18)
- Re: [NSE Script] MySQL Server Information Fyodor (Dec 18)