314 Part III . Administration that you have
314 Part III . Administration that you have a MySQL server unless he or she uses other methods for fingerprinting the server on another port. Fingerprinting a MySQL server is possible. A curious person could open connections on random or sequential ports and see a familiar signature or fingerprint thus discovering your MySQL server. In Figure 12-6, I have the MySQL server set to listen on port 5150. Then, by simply telnetting to that port, I can see a repeatable pattern. Figure 12-6: Telnetting to a port that MySQL listens on shows a definite fingerprint indicating that it is indeed a MySQL server. Notice, in Figure 12-6, that the pattern is always the same. The beginning of the session opens with a left parentheses followed by a line-feed. Then a pattern of digits is shown followed by eight characters. Each time I telnet to the server, the pattern repeats. Now I know not only that there is a MySQL server on this host but also what version of the server is running, as indicated by the digits. As you can see, simply changing the port will not stop an ambitious attacker. The speed and triviality with which an attacker could scan 65,000 ports for a MySQL server makes changing the default port somewhat of a moot point. However, I still believe that changing the default port can serve a purpose to discourage the casual onlooker or curious person. To change the default port that MySQL listens for TCP/IP connections on, add the line port = N to the , section of the MySQL configuration file. For example, in Figure 12-7 the ,section is shown from an example server configuration file. (Note that the port number has been changed for the server.) Note For the sake of security, you must change any applications including the MySQL CLI so they connect via the alternative port number.
If you are looking for affordable and reliable webhost to host and run your business application visit our ftp web hosting services.