InfoScope

tech news clips

Wednesday, February 02, 2005

Securing a MySQL Server on Windows

By Mike Hillyer
Last Updated: February 1, 2005


  1. Introduction
  2. Step 1: Install MySQL on a Recent, NT-based version of Windows
  3. Step 2: Install MySQL on an NTFS File System
  4. Step 3: Install MySQL on a Standalone Machine
  5. Step 4: Install the Latest Production Version of MySQL
  6. Step 5: Secure the MySQL User Accounts
  7. Step 6: Disable TCP/IP Access
  8. Step 7: Bind the TCP/IP Address
  9. Step 8: Firewall the Server
  10. Step 9: Run The MySQL Service as a Limited User
  11. Step 10: Encrypt the Data Folder
  12. Step 11: GRANT the Minimum Privileges Necessary
  13. Step 12: Change the Name of the Root User
  14. Conclusion


http://dev.mysql.com/tech-resources/articles/securing_mysql_windows.html




Introduction

At the end of January 2005, a new worm-like piece of malware named Forbot spread across the Internet, targeting poorly configured MySQL installations and exploiting them to gain access to the Windows host machines. Forbot was not a true worm: it had to be signalled before it would continue infecting other machines, so once the lines of communication between Forbot and its controllers were cut, the spread of the bot was halted. Further information on Forbot can be found in an article at http://dev.mysql.com/tech-resources/articles/security_alert.html .

It is important to understand that Forbot did not exploit any weaknesses or vulnerabilities in MySQL. There is no patch required to prevent future exploits. Forbot acted by exploiting poorly configured MySQL installations that had been installed with no root password or with a weak root password. Some examples of the passwords Forbot tried to use to access the MySQL root account include abcd1234 and 654321 (see http://www3.ca.com/securityadvisor/virusinfo/virus.aspx?id=41547 for the full list).
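The check below is an added example, not part of the original article: it audits rows exported from the `mysql.user` table for the two conditions described above, an empty password or a password on a weak list. It assumes the 41-character hash format used by MySQL 4.1 and later (`*` followed by the hex of SHA1(SHA1(password))); the function names and the sample rows are constructed for illustration.

```python
import hashlib

# The two weak passwords the article names; extend from your own policy.
WEAK_PASSWORDS = ["abcd1234", "654321"]

def native_hash(password: str) -> str:
    """MySQL 4.1+ PASSWORD() format: '*' + upper-case hex of SHA1(SHA1(password))."""
    inner = hashlib.sha1(password.encode("utf-8")).digest()
    return "*" + hashlib.sha1(inner).hexdigest().upper()

def audit_accounts(rows, weak_passwords=WEAK_PASSWORDS):
    """Classify (user, host, stored_hash) rows exported from mysql.user.

    Returns (user, host, finding) for every account that needs attention.
    """
    weak_hashes = {native_hash(p) for p in weak_passwords}
    findings = []
    for user, host, stored in rows:
        stored = (stored or "").strip()  # NULL and '' both mean no password
        if stored == "":
            findings.append((user, host, "no password set"))
        elif len(stored) == 41 and stored.startswith("*"):
            if stored.upper() in weak_hashes:
                findings.append((user, host, "password is on the weak list"))
        elif len(stored) == 16:
            # Pre-4.1 hash format: cannot be compared here, flag for reset.
            findings.append((user, host, "old 16-character hash, reset password"))
        else:
            findings.append((user, host, "unrecognised hash format"))
    return findings

# Constructed sample rows (not taken from a real server).
SAMPLE_ROWS = [
    ("root", "localhost", ""),
    ("root", "%", native_hash("654321")),
    ("app", "localhost", native_hash("Xq7#long-random-passphrase")),
    ("legacy", "localhost", "5d2e19393cc5ef67"),
    ("backup", "10.0.0.5", None),
]

if __name__ == "__main__":
    for user, host, finding in audit_accounts(SAMPLE_ROWS):
        print(f"{user}@{host}: {finding}")
```

An account that produces no finding is not thereby proven strong; it only means its hash matched nothing on the list supplied.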

MySQL AB is taking an active role in developing new processes for ensuring that a default MySQL installation is as secure as possible, and is developing new technologies that will help customers stay up to date and be notified of updates and technical alerts, but there are several things you can do now to secure your MySQL servers.

The intent of this article is to list the steps that an administrator can take to properly secure a MySQL installation on Windows. Although the procedures listed are written for Windows users, the principles contained herein will be of benefit to users of Linux and Unix as well. Forbot was targeted at Windows machines, but Linux and Unix users could be at risk from future variants of this method of attack.