if you limit SQL accounts...

what stops an user from compiling his own SQL server in your hosting, binding it on a not-used port and running it thru crontab for example?

i think nothing...

1) you can configure APF just let IN traffic to already used ports, but firewalls doesn't stop someone from binding a port, just stop other people to connect to this port
in other words, doing that, you wouldn't allow IP 10.10.10.10 (for example) to connect on port 12345 (after you sucessfully bind it) of your server... but 127.0.0.1 (your own host) would still be able to connect
and that's all the user need to connect to the SQL server

2) you can stop compilers, like chmod 0700... some can just upload his own compiler (already compiled of course) or some sql server statically compiled

how would you do? if you limit SQL accounts...

 

 

 

 

Top