On Fri 2002-07-26 at 15:24:58 -0300, anderson.pa@stripped wrote:
> Why should I close port 3306 used by mysql? What would happen if a
> hacker use this port?
You should close it (as far as reasonable only, of course), simply,
because you lose nothing, but gain an additional layer a malicious
hacker has to overcome.
Where closing can mean to use --skip-networking, if you have only
local accesses, use a firewall to restrict connections to the local
net, or allow only some computers from the internet - depending on
It is a general security measure to disallow anything which is not
explicitly needed, as far as the effort is reasonable regarding the
needs. It is irrelvant if there are known attack vectors or not.
That said, AFAICT, there are no known MySQL relevant weeknesses having
the port open. Of course, you get your usual share of risks, like weak
passwords, potential DoS, information leaking and so on, which have
nothing to do with MySQL per se.