G33K
Member
- Feb 7, 2012
- 28
- 0
Hello guys, let me introduce myself, im G33K a retired blackhat now working for company's to explain how to harden their security, and now im making a tutorial on hardening your windows VPS.
PART ONE - DATABASE SECURITY AND KNOWLEDGE
YOU WILL NEED:
PART ONE - DATABASE SECURITY AND KNOWLEDGE
YOU WILL NEED:
- MYSQL COMMUNITY SERVER
- MYSQL WORKBENCH
- Install MYSQL community server. Just follow the standard installation, and let it install.
- REBOOT!!
- Open MYSQL WORKBENCH You will find
You must be registered for see linksbuttons
- First we are going to add a new server instance for managing the users! click on
You must be registered for see linksbutton
- You will see something similar to
You must be registered for see links, Click on Remote server and enter the IP or HOSTNAME of your server.
- You will now get
You must be registered for see linksscreen, fill out the username and password for ROOT.
- You can SKIP WMI.
- After installing you will get
You must be registered for see links, CLICK ONYou must be registered for see links
- Now we CLICK on ADD ACCOUNT
- Now we are going to do
You must be registered for see links2 times, one for the EMULATOR and one for YOU
- For the emulator user account use the IP (LOCALHOST) and for your account use your own ip, this is for security so no-one will know the root password, nor can get into the mysql database using sloppy phpmyadmin.
- AFTER you added ONE account you have to SETUP user rights YOU CLICK ON SCHEMA PRIVILEGES
- Now click on ADD ENTRY and you will see
You must be registered for see linksscreen Select a SCHEMA, and fill the access host in.
- REMEMBER ALWAYS PRESS SAVE! OR IT WONT BE SAVED!
Q & A
Q: What is table locking?
A:
You must be registered for see links
Q: Will you help me protecting X and Y?
A: Leave me a PM, and maybe i will release another tutorial!
Q: Do i have to use root on my website?
A: Never, Root is all-acces and not safe to use as a live account, use the emulator account
Q: Hey i cant use X on my website WHY?
A: Did you use a seperate account for the website? If yes, please read about table locking.
Q: I have a question?
A: Leave a message in this topic clearly telling me the problem and providing me screenshots as you do.
FEEL F TO COPY THIS TUTORIAL TO OTHER BOARDS, SHARING = CARING!
-- G33K