Blossom Joined Oct 25, 2010 Posts 1,406 Reaction score 74 Jun 12, 2012 #1 http://www.theregister.co.uk/2012/06/11/mysql_mariadb_password_flaw
PoshTiger Joined Jun 17, 2011 Posts 1,502 Reaction score 119 Jun 12, 2012 #2 Thanks for the info... I'm off to change the login names to my databases to something obscure...
RobM Joined Mar 3, 2012 Posts 3,273 Reaction score 1,371 Jun 12, 2012 #3 Basically don't use 'root' for anything. Move off the standard SSH/MySQL ports etc. This will stop 99.999% of brute force hacks.
Basically don't use 'root' for anything. Move off the standard SSH/MySQL ports etc. This will stop 99.999% of brute force hacks.
jimm Joined Feb 17, 2008 Posts 683 Reaction score 13 Jun 16, 2012 #4 PoshTiger said: Thanks for the info... I'm off to change the login names to my databases to something obscure... Click to expand... You probably have the user root dont forget And do you really need MySQL exposed to the web? FW it off to no one or a list of allowed hosts! And having said that ive tested many servers (mainly Plesk and cPanel servers mind) and found not one which was exploitable from this bug...
PoshTiger said: Thanks for the info... I'm off to change the login names to my databases to something obscure... Click to expand... You probably have the user root dont forget And do you really need MySQL exposed to the web? FW it off to no one or a list of allowed hosts! And having said that ive tested many servers (mainly Plesk and cPanel servers mind) and found not one which was exploitable from this bug...
R retired_member21 Joined Apr 15, 2008 Posts 734 Reaction score 13 Jun 17, 2012 #5 Only if open on port 3306