Results 1 to 2 of 2
January 27th, 2005, 04:09 AM #1Heads Up: MySQL worm reported
There are reports of a possible worm impacting MySQL servers according to the Internet Storm Center. Details are patchy but it appears to impact Windows Hosts running MySQL (version numbers unclear) and it creates a process called spoolcll.exe.
The advice seems to be to check that port 3306 is blocked/restricted at the firewall. No doubt anti-virus vendors will be working on a fix for this, but these worms spread awfully quickly. If you're hosting on a MySQL/Windows box, now might be a good time to ensure that you have some reliable backups.
January 27th, 2005, 10:31 AM #2
The MySQL worm appears to be purely password based and goes for a brute force attack. Again, blocking or restricting access to port 3306 is probably the safest thing.
This thing is growing very, very quickly. Latest info is at the ISC but at the moment they're still showing an Infocon of Green, so it's not considered to be a major risk yet.
By Bob Lawrence in forum Virtual Family and Off-TopicReplies: 4Last Post: December 7th, 2008, 10:27 AM
By Dynamoo in forum Midnight Cafe'Replies: 3Last Post: December 21st, 2004, 12:13 PM
By bob95603 in forum Midnight Cafe'Replies: 2Last Post: March 1st, 2004, 04:07 PM