How to Block all ports except ssh and 2 others

Guys, I do not understand how to block all ports from the outside except a few, such as ssh and mysql.

They can still access my mysql database and do not know what to do.
There are exploits for MariaDB / MySQL that allow root access without knowing the password.
How can I stop this by firewall?
Thank you for your help.
 
Firewalling a compromised machine is not going to help. For all you know, they have you doing stuff inside a chroot(8). Back up, reinstall, check everything that is put on the new machine to make sure you are not copying compromised stuff. Update exploitable software to the latest version. Change configs, apply patches, do all the normal stuff to secure it.

pf(4) (pf.conf(5)) has become popular for power and ease of use. In terms of speed, I think that ipfw(8) is still the fastest. For most people, firewall speed is not an issue.
 
Ok just finished installing everything.
The mysql is still vulnerable.
But can I not do this:
block all outside traffic to port 3306, except for a specific IP?
 
Is there no patch/fix/workaround for the vulnerability?

Limiting the IP addresses that can get to it is better than nothing.
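
A minimal pf.conf(5) ruleset for the restriction discussed in this thread, added here as an illustration and not posted by any participant: default-deny inbound, ssh open, and port 3306 reachable only from an allow-list. The interface name `em0`, the table name `mysql_clients` and the address 203.0.113.10 (a documentation-range placeholder for the web server) are assumptions.

```conf
# /etc/pf.conf -- added example; names and addresses are assumptions
# Syntax-check without loading:  pfctl -nf /etc/pf.conf

ext_if = "em0"                       # assumed external interface

# Hosts allowed to reach MySQL. 203.0.113.10 is a constructed
# placeholder for the web server's address.
table <mysql_clients> persist { 203.0.113.10 }

set skip on lo0                      # do not filter loopback traffic

# Default deny for everything arriving from outside.
block in all

# Outbound traffic from the server itself is allowed (stateful by default).
pass out all

# ssh stays reachable from anywhere.
pass in on $ext_if proto tcp from any to any port 22

# Weak form described in the thread (3306 open to everyone), left commented out:
#   pass in on $ext_if proto tcp from any to any port 3306
# Restricted form: only the allow-listed hosts may connect to MySQL.
pass in on $ext_if proto tcp from <mysql_clients> to any port 3306
```

This only narrows who can reach the port; the database still needs the vendor fix, as the replies point out.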
 
In short, there is an exploit discovered recently that runs on blackhat,
gives you started dumping the password and it makes you connect bypassing the login mysql even if you've blocked ip.
 
Do you have to expose the MySQL port to the whole wide world? What type of clients connect to your database, are they all from known IP addresses?
 
Yes, I have opened the MySQL port to all.
But I am stuck with an unknown dial-up IP.
In a few words, it must operate only between my site and server.
 
You should have done that already as the fix has been out for a while.
 