mysql hack

Posted: Tue Jun 06, 2006 1:10 am

im thinkin this is a hack attempt...as it pertains to my database...some1 or something is creating an access host...other then localhost in the database.

It isnt a name just an ip...now im not sure if this is a cpanel error...which weve been experiencing some buggs in this or if this is a legitimate hack attempt....be4 i flipped my lid and locked my site down...id like ur guys take on this...something is making an access host and i cant verify the ip it post....now i know that this is dangerous....and of course ive gone through and changed my passwords...as to avoid them cracking the md5.

Then on the same day about 3 hours later...i noticed another ip listed...not even in the same range....any ideas on how this is happening and what i could do to stop it?

Site Admin Joined: Jun 04, 2004 Posts: 6432

Where are you seeing the access host?

Posted: Tue Jun 06, 2006 8:13 am

Are you saying that in cPanel, when you access the 'MySQL Databases' page, under the heading 'Access Host' you are getting additional IP's other than 'localhost'?
If that is the case, someone has root access who shouldnt have or your host has screwed up.
Back up your DB immediately and inform your host.

Posted: Tue Jun 06, 2006 8:21 am

Right - I'd guess is was a mistake, rather than something intentional.

Posted: Tue Jun 06, 2006 4:30 pm

im thinkin the same thing...but i was curious...any known hacks able to do this...ive seen it once be4...another site i helped with...he got hacked and no real damage was done...but it was weird that when i accessed the database through cpanel...i noticed the same thing...an ip and localhost were listed as access hosts.

ive done my fair share of research in the limited time i have now that my vacations over. but little to no results worth exploring...thank u