12-15-2018
Thanks for the update.
I do not advise binding your DB to 0.0.0.0 or your server's IP address because this can open up your DB to outside attackers.
Normally, web admins bind the DB to the localhost so only processes which originate on the localhost can assess the DB, for security reasons.
In other words, for security reasons, you should design your system so you do not need to telnet or otherwise remotely connect to your DB.
10 More Discussions You Might Find Interesting
1. Solaris
Hi,
So that potential responders will have an idea of what they're dealing with let me say that while I am a UNIX newbie I have been in IT for over 10 years.
We have several SUN boxes running ver 5 of the OS that have been sitting dormant for some time as they were part of a now defunct... (3 Replies)
Discussion started by: pjewett
3 Replies
2. Linux
Hi,
I will like to allow access to the mysql port (3306) to certain IP address. All other IP's should be automatically blocked. What is the best way to do this? (8 Replies)
Discussion started by: shantanuo
8 Replies
3. Solaris
Unable to open 3966 port for buildforge in Solaris 10, anyone pls help me how to open the 3966 port in solaris.
Thanks in Advance (1 Reply)
Discussion started by: durgaprasadr13
1 Replies
4. IP Networking
I am trying to block ALL traffic except when from ports 9100,22,23 to destination network 192.0.0.0 (my WAN): 2 networks 192.0.3.0 with static route to 192.0.0.0
Shouldn't this work?:
iptables -A INPUT -p tcp -d 192.0.0.0/24 --dport 22 -j ACCEPT
iptables -A INPUT -p tcp -d 192.0.0.0/24... (3 Replies)
Discussion started by: herot
3 Replies
5. IP Networking
i want to kill a tcp connection by killing its pid
with netstat -an i got the tcp ip connection on port 5914
but when i type ps -a or ps-e there is not such process running on port 5914
is it possible that because i do not log on with proper user account i can not see that process running? (30 Replies)
Discussion started by: alinamadchian
30 Replies
6. UNIX for Advanced & Expert Users
Hi All,
I successfully configured a DEBIAN Lenny bridged firewall
using ebtables.
The bridged interface is br0.
The ethernet interface are eth0 & eth1 respectively.
All the traffic are transparently passing my firewall but i need to find & block temporarily the bandwidth abusers.
Can... (1 Reply)
Discussion started by: coolatt
1 Replies
7. UNIX for Dummies Questions & Answers
hi guys
I doing some collocation for a customer, customer requested to use other port for ssh not the default one. OK no problem
and customer will be using rsync to sync backups among other things
I know we have to open port let's say port 5999 for ssh since we are using that one now but I... (1 Reply)
Discussion started by: karlochacon
1 Replies
8. Red Hat
Hi Experts,
I am receiving below error while trying to connect port 8080.
Could not open connection to the host, on port 8080 : connection refused.
iptables configuration
/etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of... (1 Reply)
Discussion started by: sai_2507
1 Replies
9. Infrastructure Monitoring
If I would like to know what connection , data , traffic in a network port ( eth0 ) , what can I do ?
ps. because I always found the network is very slow , so I would like what the network port is doing .
Thanks
Login ID ust3 is currently in read-only mode for multiple infractions. Creating... (0 Replies)
Discussion started by: ust03
0 Replies
10. AIX
Hi Friends,
How to do port forwarding in AIX? We would like to re route traffic from port A to port B on AIX LPAR.
for example: my application is using 8080 port on LPAR and would like to use the 8081 instead of 8080. By default application was configured with 8080. But instead of changing... (2 Replies)
Discussion started by: System Admin 77
2 Replies
LEARN ABOUT CENTOS
firewalld.conf
FIREWALLD.CONF(5) firewalld.conf FIREWALLD.CONF(5)
NAME
firewalld.conf - firewalld configuration file
SYNOPSIS
/etc/firewalld/firewalld.conf
DESCRIPTION
firewalld.conf is loaded by firewalld during the initialization process. The file contains the basic configuration options for firewalld.
OPTIONS
These are the options that can be set in the config file:
DefaultZone
This sets the default zone for connections or interfaces if the zone is not selected or specified by NetworkManager, initscripts or
command line tool. The default zone is public.
MinimalMark
For some firewall settings several rules are needed in different tables to be able to handle packets in the correct way. To achieve
that these packets are marked using the MARK target iptables(8) and ip6tables(8). With the MinimalMark option a block of marks can be
reserved for private use; only marks over this value are used. The default MinimalMark value is 100.
CleanupOnExit
If firewalld stops, it cleans up all firewall rules. Setting this option to no or false leaves the current firewall rules untouched.
The default value is yes or true.
Lockdown
If this option is enabled, firewall changes with the D-Bus interface will be limited to applications that are listed in the lockdown
whitelist (see firewalld.lockdownwhitelist(5)). The default value is no or false.
SEE ALSO
firewall-applet(1), firewalld(1), firewall-cmd(1), firewall-config(1), firewalld.conf(5), firewalld.direct(5), firewalld.icmptype(5),
firewalld.lockdown-whitelist(5), firewall-offline-cmd(1), firewalld.richlanguage(5), firewalld.service(5), firewalld.zone(5),
firewalld.zones(5)
NOTES
firewalld home page at fedorahosted.org:
http://fedorahosted.org/firewalld/
More documentation with examples:
http://fedoraproject.org/wiki/FirewallD
AUTHORS
Thomas Woerner <twoerner@redhat.com>
Developer
Jiri Popelka <jpopelka@redhat.com>
Developer
firewalld 0.3.9 FIREWALLD.CONF(5)