My firewall has denied and logged several of the following messages:
Packet log: input DENY eth0 PROTO=6 192.168.0.1:37656 66.31.176.185:3306
L=40 S=0x00 I=26581 F=0x0000 T=39 (#2)
As you can see, it is a spoofed IP trying to connect to the mysql port.
I've looked around at basic security sites (sans.org, whitehats.com) and
haven't found any documentation of specific exploits against MySQL.
My questions are 1) do others typically see this? 2) what do you do? (my
guess is, not much) 3) Are there other security measures I should be
taking? and finally 4) are there any documented MySQL exploits? (buffer
overflows)
Regards,
Gary "SuperID" Huntress
=======================================================
FreeSQL.org offering free database hosting to developers
Visit http://www.freesql.org
---------------------------------------------------------------------
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail <[EMAIL PROTECTED]>
To unsubscribe, e-mail <[EMAIL PROTECTED]>
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
