Detecting insecure configurations in MySQL servers
Insecure configurations in databases could be abused by attackers. The Center for Internet Security (CIS) publishes a security benchmark for MySQL, and Nmap can use this to audit the security configurations of MySQL servers.
This recipe shows how to detect insecure configurations in MySQL servers with Nmap.
How to do it...
To detect insecure configurations in MySQL servers, enter the following command:
$ nmap -p3306 --script mysql-audit --script-args 'mysql-audit.username="<username>",mysql-audit.password="<password>",mysql-audit.filename=/usr/local/share/nmap/nselib/data/mysql-cis.audit' <target>
Each control will be reviewed and a legend of PASS
, FAIL
, or REVIEW
will be included in the results, as follows:
PORT STATE SERVICE 3306/tcp open mysql | mysql-audit: | CIS MySQL Benchmarks v1.0.2 | 3.1: Skip symbolic links => PASS | 3.2: Logs not on system partition => PASS ...