security

------=_NextPart_000_0365_01C5C844.AB639A50
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Decimal
the access to the server is only for localhost ?
You can block the mysql port "3306" to the outside with the windows =
firewall.


Jorge


----- Original Message -----=20
From: J.R. Bullington=20
To: mysql@lists.mysql.com ; win32@lists.mysql.com=20
Sent: Monday, October 03, 2005 5:56 PM
Subject: Security Question


Hi All --=20

I have been a member of this list for a while but I actually have a =
question that I can't answer.=20

MySQL v4.1.14-nt on Win2k3 Server=20

I've got someone who is trying to get in, but I have locked it down. =
Methods used include, but are not limited to:=20

No Outside Root Access=20
System DSNs for Web connectivity=20
Strong Passwords for each user=20
User Permissions different for each purpose=20



Here's the question -- It's a DoS attack and it's locking up the system =
for other users (max_connections_allowed).=20

Anything I can do extra via MySQL that will keep this person away, or =
perhaps free up the server? I would rather not increase the =
max_conn_allowed var as it's already at 800 (more than I need).

Do not have access to the Router (I wish I did, ACLs are such a great =
thing), but have full Admin rights to the server.=20

Thanks everyone!=20

J.R.=20

------=_NextPart_000_0365_01C5C844.AB639A50--