Insecure configurations in databases could be abused by attackers. The Center for Internet Security (CIS) publishes a security benchmark for MySQL, and Nmap can use this to audit the security configurations of a MySQL server.
This recipe shows how to detect insecure configurations in MySQL servers by using Nmap.
To detect insecure configurations in MySQL servers, enter the following command:
$ nmap -p3306 --script mysql-audit --script-args 'mysql-audit.username="<username>",mysql-audit.password="<password>",mysql-audit.filename=/usr/local/share/nmap/nselib/data/mysql-cis.audit' <target>
Each control will be reviewed and a legend of PASS, FAIL, or REVIEW will be included in the results:
PORT     STATE SERVICE
3306/tcp open  mysql
| mysql-audit:
|   CIS MySQL Benchmarks v1.0.2
|     3.1: Skip symbolic links => PASS
|     3.2: Logs not on system partition => PASS
|     3.2: Logs not on database...
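The output above is easy to read for a single host, but when the audit is run across many servers (or repeatedly, as part of a build pipeline) the useful questions are "which controls failed?" and "does anything need a manual look?". The following POSIX shell helpers, which are an added example and not part of the original recipe or of Nmap itself, parse the mysql-audit output format shown above (one control per line ending in "=> PASS", "=> FAIL" or "=> REVIEW"). The sample output embedded in the script is constructed for the example: the control identifiers and descriptions after 3.2 are made up and are not taken from the CIS benchmark.

```shell
#!/bin/sh
# Added example (not from the recipe or from Nmap): triage helpers for the
# mysql-audit output format.  Feed them the normal Nmap output (e.g. saved
# with -oN audit.txt) on stdin:
#
#   nmap -p3306 --script mysql-audit --script-args '...' -oN audit.txt <target>
#   audit_verdict < audit.txt        # prints PASS, REVIEW or FAIL
#   controls_with FAIL < audit.txt   # prints the IDs of failed controls

# count_status STATUS - number of controls whose result is STATUS.
count_status() {
    awk -v want="$1" '/=> (PASS|FAIL|REVIEW)$/ { if ($NF == want) n++ } END { print n + 0 }'
}

# controls_with STATUS - control IDs (e.g. "4.4 6.1") whose result is STATUS.
# The ID is the first field that looks like "3.1:"; the leading "|" / "|_"
# column of Nmap's output is skipped automatically because it never matches.
controls_with() {
    awk -v want="$1" '/=> (PASS|FAIL|REVIEW)$/ && $NF == want {
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^[0-9]+(\.[0-9]+)*:$/) {
                sub(/:$/, "", $i)
                ids = ids (ids ? " " : "") $i
                break
            }
        }
    } END { print ids }'
}

# audit_verdict - overall result for gating: FAIL if any control failed,
# REVIEW if none failed but at least one needs a manual check, else PASS.
# REVIEW items are never silently treated as passes.
audit_verdict() {
    awk '/=> FAIL$/ { f++ } /=> REVIEW$/ { r++ }
         END { print (f ? "FAIL" : (r ? "REVIEW" : "PASS")) }'
}

# Constructed sample in the recipe's output format.  Only 3.1 and 3.2 appear
# on the page; the remaining control lines are made up for this example.
SAMPLE_AUDIT='PORT     STATE SERVICE
3306/tcp open  mysql
| mysql-audit:
|   CIS MySQL Benchmarks v1.0.2
|     3.1: Skip symbolic links => PASS
|     3.2: Logs not on system partition => PASS
|     3.2: Logs not on database partition => PASS
|     4.1: Example control needing a manual check => REVIEW
|     4.4: Example failing control => FAIL
|     5.1: Another control needing a manual check => REVIEW
|_    6.1: Another example failing control => FAIL'

# Convenience wrappers that run the helpers over the constructed sample.
sample_count()   { printf '%s\n' "$SAMPLE_AUDIT" | count_status "$1"; }
sample_ids()     { printf '%s\n' "$SAMPLE_AUDIT" | controls_with "$1"; }
sample_verdict() { printf '%s\n' "$SAMPLE_AUDIT" | audit_verdict; }

# Stand-alone demonstration.
echo "PASS=$(sample_count PASS) FAIL=$(sample_count FAIL) REVIEW=$(sample_count REVIEW)"
echo "failed controls: $(sample_ids FAIL)"
echo "verdict: $(sample_verdict)"
```

Because the helpers only read the text Nmap prints, they work equally well on output saved from a scheduled scan. A pipeline step can stop on a FAIL verdict and open a ticket on REVIEW, so that controls the script cannot decide automatically are still looked at by a person rather than being dropped.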