Go Back   EQEmulator Home > EQEmulator Forums > Support > Support::MiniLogin
Reload this Page How to make proper startup files for Mini-Login use

Support::MiniLogin Support forum for problems with the official MiniLogin release.

Reply
 
Thread Tools Display Modes
  #1  
Old 02-05-2009, 10:22 PM
cubber
Discordant
  
Join Date: Apr 2006
Posts: 374
Default
unless you did one of these then they could access it from any ip address:

Code:
 GRANT ALL PRIVILEGES ON *.* TO 'user'@'%' IDENTIFIED BY 'password' WITH GRANT OPTION;
But yes you are both correct, my point was that it is not needed for a regular home brew server, only for special cases like Angelox's. So basically if you are not sure that you need it then you probably don't. As for the other ports try turning off all of the tcp ports and just leave the udps I bet you will have no issues. Just a more secure firewall. You may need to leave tcp on port 9000 if you use the telnet feature, I usually only use this through vpn if I need to though, since telnet by default is unsecure.
Reply With Quote
  #2  
Old 02-06-2009, 09:31 AM
Angelox
AX Classic Developer
  
Join Date: May 2006
Location: filler
Posts: 2,049
Default
Quote:
Originally Posted by cubber View Post
unless you did one of these then they could access it from any ip address:

Code:
 GRANT ALL PRIVILEGES ON *.* TO 'user'@'%' IDENTIFIED BY 'password' WITH GRANT OPTION;
But yes you are both correct, my point was that it is not needed for a regular home brew server, only for special cases like Angelox's. So basically if you are not sure that you need it then you probably don't. As for the other ports try turning off all of the tcp ports and just leave the udps I bet you will have no issues. Just a more secure firewall. You may need to leave tcp on port 9000 if you use the telnet feature, I usually only use this through vpn if I need to though, since telnet by default is unsecure.
That would defeat what I was pointing out; the port is secure as long as it points to the mysql database and user privs only accessible by the root/server. "GRANT ALL PRIVILEGES" is not always a good idea, and will make the database insecure.
Reply With Quote
  #3  
Old 02-06-2009, 09:59 AM
cubber
Discordant
  
Join Date: Apr 2006
Posts: 374
Default
Yup, that is what I was saying. Some people blindly follow guides for mysql or anything for that matter, and I have seen that line in quite a few of them. So if you are trying something but do not quite know what you are doing you may end up throwing that line in your mysql and accidentally open it up to the world without knowing about it.

I think you have a great guide here, I was just trying to help elaborate a bit so someone does not follow this guide blindy and introduce possible security holes if they don't know exactly what they are doing.
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Hybrid Mode Hybrid Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

   

All times are GMT -4. The time now is 11:29 AM.

EQEmulator - Archive - Top

 

Everquest is a registered trademark of Daybreak Game Company LLC.
EQEmulator is not associated or affiliated in any way with Daybreak Game Company LLC.
Except where otherwise noted, this site is licensed under a Creative Commons License.
       
Powered by vBulletin®, Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
Template by Bluepearl Design and vBulletin Templates - Ver3.3