| 1 |
Grant wrote: |
| 2 |
>>> mysql only needs to connect to a daemon running on the same system, |
| 3 |
>>> and I think it does so via a unix socket as opposed to tcp. I can see |
| 4 |
>>> from netstat that /var/run/mysqld/mysqld.sock is connected, there is |
| 5 |
>>> no mention of a tcp mysql connection, and nmap does not show a mysql |
| 6 |
>>> port to be open. Is there anything else I should do as far as locking |
| 7 |
>>> down mysql? I'm the only one with shell access to the system. |
| 8 |
>> mysql should be running as a non-root user (probably mysql) and for what you |
| 9 |
>> use, should be listening on localhost only. If you need to connect over the |
| 10 |
> |
| 11 |
> How can I check to make sure mysql is only listening to localhost? It |
| 12 |
> doesn't show up with nmap. |
| 13 |
> |
| 14 |
> - Grant |
| 15 |
|
| 16 |
sudo netstat -ptln |
| 17 |
|
| 18 |
It' also works without sudo, but then you don't see the process |
| 19 |
associated with the open TCP port. |
| 20 |
|
| 21 |
kashani |
Archives