Hardening a MySQL installation was a task in the InCTF 2014 learning round. Below are the steps I used to harden the MySQL installation on my Ubuntu 13.04 box.
Basic MySQL installation
sudo apt-get install mysql-server
Securing MySQL
Run the command below to start the secure setup script:
sudo /usr/bin/mysql_secure_installation
This launches the secure installation script.
Setting root password:
If you did not set the root password at installation time, the system asks you to set it now. I had already set the root password, so I'm skipping this step.
Remove anonymous users:
By default MySQL has an anonymous login with no password, so remove it.
Disallow remote root login:
This makes sure no one can brute force or guess your root user password and then log in to your database server remotely.
Remove default 'test' database:
MySQL ships with a default 'test' database that anyone can access. It is intended only for testing and should be removed.
Reload the privileges table:
Reload the privileges table so that all the changes take effect.
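To confirm the steps above took effect, the account list and database list can be checked after the script finishes. The following is an added example, not part of the original post: the function names and the sample rows are constructed for illustration, and the input is assumed to be the tab-separated output of the two mysql client commands named in the comments.

```shell
#!/bin/sh
# Added example: audit the state mysql_secure_installation should leave behind.
# Real input would come from:
#   mysql -u root -p -N -B -e "SELECT User, Host FROM mysql.user"
#   mysql -u root -p -N -B -e "SHOW DATABASES"

# Reads "User<TAB>Host" rows on stdin and prints one finding per problem row.
audit_users() {
    awk -F '\t' '
        # An empty User column is an anonymous account.
        $1 == "" { print "ANONYMOUS_USER host=" $2 }
        # root should only be reachable from the local machine.
        $1 == "root" && $2 != "localhost" && $2 != "127.0.0.1" && $2 != "::1" {
            print "REMOTE_ROOT host=" $2
        }
    '
}

# Reads database names on stdin and flags the default test database.
audit_databases() {
    awk '$0 == "test" { print "TEST_DATABASE_PRESENT" }'
}

# Constructed sample rows: a fresh install before hardening.
sample_users_before() {
    printf 'root\tlocalhost\nroot\t%%\n\tlocalhost\n\tubuntu\ndebian-sys-maint\tlocalhost\n'
}
sample_dbs_before() {
    printf 'information_schema\nmysql\nperformance_schema\ntest\n'
}

# Constructed sample rows: the same server after the secure setup script.
sample_users_after() {
    printf 'root\tlocalhost\nroot\t127.0.0.1\nroot\t::1\ndebian-sys-maint\tlocalhost\n'
}
sample_dbs_after() {
    printf 'information_schema\nmysql\nperformance_schema\n'
}

echo "Before hardening:"
sample_users_before | audit_users
sample_dbs_before | audit_databases
echo "After hardening (no findings expected):"
sample_users_after | audit_users
sample_dbs_after | audit_databases
```

An empty result from both functions means no anonymous accounts, no remote root entry and no 'test' database remain.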