List:MySQL on Win32« Previous MessageNext Message »
From:Jorge Bastos Date:October 3 2005 5:02pm
Subject:security
View as plain text  
Decimal
the access to the server is only for localhost ?
You can block the mysql port "3306" to the outside with the windows firewall.


Jorge


----- Original Message ----- 
From: J.R. Bullington 
To: mysql@stripped ; win32@stripped 
Sent: Monday, October 03, 2005 5:56 PM
Subject: Security Question


Hi All -- 

I have been a member of this list for a while but I actually have a question that I can't
answer. 

MySQL v4.1.14-nt on Win2k3 Server 

I've got someone who is trying to get in, but I have locked it down. Methods used include,
but are not limited to: 

No Outside Root Access 
System DSNs for Web connectivity 
Strong Passwords for each user 
User Permissions different for each purpose 



Here's the question -- It's a DoS attack and it's locking up the system for other users
(max_connections_allowed). 

Anything I can do extra via MySQL that will keep this person away, or perhaps free up the
server? I would rather not increase the max_conn_allowed var as it's already at 800 (more
than I need).

Do not have access to the Router (I wish I did, ACLs are such a great thing), but have
full Admin rights to the server. 

Thanks everyone! 

J.R. 


Thread
securityJorge Bastos3 Oct