[TUT] Server Security

G33K

G33K

Member
Feb 7, 2012
28
0
Hello guys, let me introduce myself, im G33K a retired blackhat now working for company's to explain how to harden their security, and now im making a tutorial on hardening your windows VPS.

PART ONE - DATABASE SECURITY AND KNOWLEDGE

mysql_02-11-2009_19_35.gif


YOU WILL NEED:
  • MYSQL COMMUNITY SERVER
  • MYSQL WORKBENCH
  1. Install MYSQL community server. Just follow the standard installation, and let it install.
  2. REBOOT!!
  3. Open MYSQL WORKBENCH You will find
    You must be registered for see links
    buttons
  4. First we are going to add a new server instance for managing the users! click on
    You must be registered for see links
    button
  5. You will see something similar to
    You must be registered for see links
    , Click on Remote server and enter the IP or HOSTNAME of your server.
  6. You will now get
    You must be registered for see links
    screen, fill out the username and password for ROOT.
  7. You can SKIP WMI.
  8. After installing you will get
    You must be registered for see links
    , CLICK ON
    You must be registered for see links
  9. Now we CLICK on ADD ACCOUNT
  10. Now we are going to do
    You must be registered for see links
    2 times, one for the EMULATOR and one for YOU
  11. For the emulator user account use the IP (LOCALHOST) and for your account use your own ip, this is for security so no-one will know the root password, nor can get into the mysql database using sloppy phpmyadmin.
  12. AFTER you added ONE account you have to SETUP user rights YOU CLICK ON SCHEMA PRIVILEGES
  13. Now click on ADD ENTRY and you will see
    You must be registered for see links
    screen Select a SCHEMA, and fill the access host in.
  14. REMEMBER ALWAYS PRESS SAVE! OR IT WONT BE SAVED!

Q & A
Q: What is table locking?​
A:
You must be registered for see links
Q: Will you help me protecting X and Y?​
A: Leave me a PM, and maybe i will release another tutorial!​
Q: Do i have to use root on my website?​
A: Never, Root is all-acces and not safe to use as a live account, use the emulator account​
Q: Hey i cant use X on my website WHY?​
A: Did you use a seperate account for the website? If yes, please read about table locking.​
Q: I have a question?​
A: Leave a message in this topic clearly telling me the problem and providing me screenshots as you do.​
FEEL FREE TO COPY THIS TUTORIAL TO OTHER BOARDS, SHARING = CARING!
-- G33K​
 

Users who are viewing this thread

Total: 2 (members: 0, guests: 2)
☀️  Switch to Light Theme

Latest posts

Top