Some of the vulnerabilities have been addressed in recent releases. I
would check the bug list and change log to see if your versions have
been patched. If you want to disallow all tcp/ip connections you can use
the |--skip-networking parameter. Only Unix sockets or Windows named
pipes connections will be allowed.
|Scott Haneda wrote:
on 11/30/04 8:53 PM, Victor Pendleton at [EMAIL PROTECTED] wrote:
If you plan on connecting only from the localhost host or via an ssh
tunnel you block port 3306 at the firewall or router. What exactly are
you looking to accomplish?
Well, some friend of a friend decided to scan me and found he could get
myslq to report the version I am runing. He could not login or anything
like that. He then pointed me to
http://www.securityfocus.com/bid/11261/discussion/
http://www.securityfocus.com/bid/8590/discussion/
http://www.securityfocus.com/bid/10655/discussion/
http://www.securityfocus.com/bid/10654/discussion/
http://www.securityfocus.com/bid/975/discussion/
For which I just started wondering. I can easily block it out in the
router, but it made me curious as to what other options there are.
--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
