[EMAIL PROTECTED] wrote:
>Hi,
>
> Would anyone know how to handle mySQL server attacks? A friend of mine
>suspects that someone or some*thing* is launching an attack on a certain
>mySQL server such that it is causing several processes to die. Also, would
>there be any way to differentiate "valid" and "invalid" requests? Save from
>blocking packets/requests for that specified server (which is inappropriate
>for firewalled machines), how would you handle these?
Beware, if you run mysql as root you're open to a bug that allows mysql clients to
overwrite just about any file on the system.
The packet filtering solution would be the best and simplest. I don't understand why
you think it would be inappropriate. That and changing the port/interface MySQL
listens on.
JR
__________________________________
www.edsamail.com
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
To subscribe to the Linux Newbies' List: send "subscribe" in the body to
[EMAIL PROTECTED]
