denyhosts-like app for MySQLd?
Jordi Espasa Clofent
jordi.espasa at opengea.org
Tue Jan 22 07:08:23 PST 2008
> why do you open your mysql port to the world?
>
> if you want to let users in from any place, then an ssh tunnel is safer
> (yes, works even on windows, using putty or whatever. and a user who
> finds this difficult shouldn't be able to run sql commands!).
I completely agree with you; the problem is always the same: the
decisions are taken by non-technical staff in a lot of times.
I've proposed a ssh tunnels for MySQL remote connections... but it means
"so hard" for final customers....
> If this is too much, at least use a different port to reduce the noise
> (This won't add security, but will somehow limit exposure).scribe at freebsd.org"
Of course.
--
Thanks,
Jordi Espasa Clofent
More information about the freebsd-security
mailing list