Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-253734 | MADB-10-008100 | SV-253734r841727_rule | Medium |
Description |
---|
Use of nonsecure network functions, ports, protocols, and services exposes the system to avoidable threats. |
STIG | Date |
---|---|
MariaDB Enterprise 10.x Security Technical Implementation Guide | 2022-08-24 |
Check Text ( C-57186r841725_chk ) |
---|
Check the ports in use by running the following command as the administrator user: MariaDB > SHOW GLOBAL VARIABLES LIKE 'port'; If the currently defined port configuration is deemed prohibited, this is a finding. |
Fix Text (F-57137r841726_fix) |
---|
To verify that mariadb system denies specific network functions, locate cnf file and specifically bind ip address to deny (or port): $ ls -la /etc | grep my.cnf -rw-r--r--. 1 root root 301 Aug 25 12:45 my.cnf bind-address = 127.0.0.1 #just an example To specifically change default port (3306) is something different: port = 1234 bind = 10.10.10.10 #as an example After making changes to the .cnf file, stop and restart the database service. |