Looking around last night for ways to upgrade RedHat to http://www.debian.org (which proves somewhat non-trivial, the easiest way being a reinstall to Debian), I was looking into one of my systems and I found that MySQL was binding port 3306 to the outside IP address. After some looking around, I found that to disable this you had to have a my.cnf file in /etc that MySQL looked at whilst starting.
By default my version of MySQL, 4.0.x didn’t have a my.cnf so I created one like this and put the necessary line in, skip-networking, to disable binding to outside IPs. It looks like this:
#MySQL configuration file
And thats it, restart MySQL and it will still bind to the local loopback address (127.0.0.1), but won’t be so visable even if your firewall is mean’t to stop such traffic.comments powered by Disqus