From: Jorge Bastos Date: October 3 2005 5:02pm Subject: security List-Archive: http://lists.mysql.com/win32/17553 Message-Id: <036801c5c83c$49affb30$0301a8c0@hercules.decimalint.pt> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0365_01C5C844.AB639A50" ------=_NextPart_000_0365_01C5C844.AB639A50 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Decimal the access to the server is only for localhost ? You can block the mysql port "3306" to the outside with the windows = firewall. Jorge ----- Original Message -----=20 From: J.R. Bullington=20 To: mysql@stripped ; win32@stripped=20 Sent: Monday, October 03, 2005 5:56 PM Subject: Security Question Hi All --=20 I have been a member of this list for a while but I actually have a = question that I can't answer.=20 MySQL v4.1.14-nt on Win2k3 Server=20 I've got someone who is trying to get in, but I have locked it down. = Methods used include, but are not limited to:=20 No Outside Root Access=20 System DSNs for Web connectivity=20 Strong Passwords for each user=20 User Permissions different for each purpose=20 Here's the question -- It's a DoS attack and it's locking up the system = for other users (max_connections_allowed).=20 Anything I can do extra via MySQL that will keep this person away, or = perhaps free up the server? I would rather not increase the = max_conn_allowed var as it's already at 800 (more than I need). Do not have access to the Router (I wish I did, ACLs are such a great = thing), but have full Admin rights to the server.=20 Thanks everyone!=20 J.R.=20 ------=_NextPart_000_0365_01C5C844.AB639A50--