Detecting insecure configurations in MySQL servers

Insecure configurations in databases could be abused by attackers. The Center for Internet Security (CIS) publishes a security benchmark for MySQL, and Nmap can use this to audit the security configurations of a MySQL server.

This recipe shows how to detect insecure configurations in MySQL servers by using Nmap.

How to do it...

To detect insecure configurations in MySQL servers, enter the following command:

$ nmap -p3306 --script mysql-audit --script-args 'mysql-audit.username="<username>",mysql-audit.password="<password>",mysql-audit.filename=/usr/local/share/nmap/nselib/data/mysql-cis.audit' <target>

Each control will be reviewed and a legend of PASS, FAIL, or REVIEW will be included in the results: ...

Get Nmap 6: Network Exploration and Security Auditing Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Nmap 6: Network Exploration and Security Auditing Cookbook by Paulino Calderon Pale

Detecting insecure configurations in MySQL servers

How to do it...

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly