wrrn <mailSPAMLESSwarrenize.com> wrote in
news:bemq70$9cf$1forums.macromedia.com:
> (1)
> I'm new to sql and have my windows xp pro box setup with
> apache/php/mysql. I found myself locked out of phpMyAdmin with this
> error message:
> Access Denied for user: root127.0.0.1 (Using password: NO) This happened
> after setting a root password.
Read the error message (Using password: NO), you need to update PMA's
config.inc.php with the new password.
> I've since read about the need to flush privileges after setting up a
> root password.
> How do I do this action (flushing)?
mysql> FLUSH PRIVILEGES;
> I really don't want to have to re-install again.
Reinstalling the manual may be a good idea :)
> (2)
> I'm concerned about security. I do Not locally serve any sites to the
> web. I only use this setup as a testing server. I'm on WinXPpro with a
> DSL connection via Linksys router (w/firewall), Windows firewall
> disabled. My system tests *stealth* at SheildsUp for all security
> probes except for IDENT (port 113, I think).
> Am I open to intrusion while the server is running ??
1) Last time I looked ShieldsUp only tests a few ports, 3306 is not one of
them.
2) Your router wouldn't allow incoming connections unless configured
otherwise (why 113 is not stealthed is probably a question for another
group).
3) Unless your privileges tables allow connections from any host (%), even
if someone could establish a connection they couldn't login and therefore
couldn't see/change anything.
4) If you have no need to allow connections from anywhere else, create/edit
a my.ini file in c:\winnt (or maybe c:\windows) directory with the
following:

[mysqld]
bind-address=127.0.0.1

Then restart MySQL, it will no longer listen for remote connections at all.