I was told earlier that:
Quote
your sql port 3306 is open and giving your mysql version details while has a nice auth bypass to its in implimentation:
$ for i in `seq 1 1000`; do mysql -u root --password=bad -h 127.0.0.1 2>/dev/null; done
$ for i in `seq 1 1000`; do mysql -u root --password=bad -h 127.0.0.1 2>/dev/null; done
I've done a bit of googling about it and it seems my MySQL version may be afflicted by this:
http://www.h-online....te-1614990.html
Now I would assume that to stop people being able to do this, I would need to block the port from anyone outside the server being able to access it?
But I've only ever done a tiny bit with firewall configuration and to be honest it really confused me..
Could anyone point me in the direction of some instructions/examples/documentation on how I can do this? (It's a 64 bit CentOS 6.0 server if that makes any difference).
Also, is there a way that when that's been done, I can still get access myself through WorkBench? Because I have a connection set up at the moment so I can quickly get access to the database without having to login to anything else, but presumably that won't work after the port thing is changed..?
Thank you.