McAfee M4050 Troubleshooting Guide - Page 17
Secure MySQL remote access, Remove individual users’ remote access, Remove ALL remote access
UPC - 731944582832
View all McAfee M4050 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 17 highlights
McAfee® Network Security Platform 6.0 Hardening the Manager Server for Windows 2003 Start MySQL. mysql> use mysql; Back up the user table to user_backup before changing it. mysql> create table user_backup as select * from user; Validate that the backup table was mysql> select count(*) from created and row count matches that user_backup; of the mysql.db table. List all users and hosts. mysql> select user,host from user; Remove anonymous/blank accounts. mysql> delete from user where user=""; Validate that rows with blank user mysql> select user,host from columns have been removed. user; Secure MySQL remote access This section provides two options for removing remote access. Remove individual users' remote access Remove ALL remote access (Recommended) Remove individual users' remote access Do ONE of the following: Remove admin (Network Security Platform user) remote access mysql> delete from user where host!='localhost' and user='admin'; (The admin user cannot login remotely; however Manager root can. Use second cmd window to validate.) mysql>flush privileges; Remove root remote access (Recommended minimum action) mysql> delete from user where host!='localhost' and user='root'; This ensures that the root user cannot login remotely; however Manager user can log in remotely. Use second cmd window to validate. mysql>flush privileges; Remove ALL remote access mysql> delete from user where host!='localhost' ALL user access is disabled including Manager users from remote host(s). Use another cmd window to validate; you can ONLY log in to the MySQL CLI on the Manager server by qualifying username, password and db. For example: mysql uadmin -pXXX lf 8