Hi adam, you can tell mysql to listen on 127.0.0.1, the loopback interface, --bind-address=IP , add that to the startup parameters of MySQL
if you require access from othermachines to your db but want to restrict every other host, you can , or you should use a firewall.. iptables is a good firewall for that purpose, cheers -- Kind regards, Remko Lodder Elvandar.org/DSINet.org www.mostly-harmless.nl Dutch community for helping newcomers on the hackerscene -----Oorspronkelijk bericht----- Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Adam Hardy Verzonden: zondag 25 januari 2004 14:19 Aan: [EMAIL PROTECTED] Onderwerp: [Mysql-discussions] netstat I'm running a web server with Apache Tomcat and mySQL for the first time and I've been following various recommendations to make the server more secure (it's Linux Debian). One of these recommendations is to keep the number of open ports to a minimum. I'm looking at netstat (see the output below) and it makes me wonder if the mysql port needs to be open at all, since the tomcat and mysql database are running on the same machine. Can I block off these ports? Would I have to use a firewall to do that? (like ip_tables) Thanks Adam Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 localhost:8005 *:* LISTEN 30723/java tcp 0 0 *:mysql *:* LISTEN 1890/mysqld tcp 0 0 *:www *:* LISTEN 30723/java tcp 0 0 *:ssh *:* LISTEN 248/sshd tcp 0 0 *:12121 *:* LISTEN 267/perl tcp 0 0 *:smtp *:* LISTEN 239/master tcp 0 0 *:https *:* LISTEN 30723/java tcp 0 0 localhost:mysql localhost:1311 ESTABLISHED 1890/mysqld tcp 1 0 localhost:1312 localhost:mysql CLOSE_WAIT 30723/java tcp 0 0 localhost:1311 localhost:mysql ESTABLISHED 30723/java -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED] _______________________________________________ Mysql-discussions mailing list [EMAIL PROTECTED] http://lists.elvandar.org/mailman/listinfo/mysql-discussions -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]