MariaDB must disable network functions, ports, protocols, and services deemed by the organization to be nonsecure, in accord with the Ports, Protocols, and Services Management (PPSM) guidance.

An XCCDF Rule

Details
Profiles

Description

Use of nonsecure network functions, ports, protocols, and services exposes the system to avoidable threats.

ID: SV-253734r961470_rule
Version: MADB-10-008100
Severity: Medium
References: CCI-001762
Updated: about 2 months ago

Remediation Templates

To verify that mariadb system denies specific network functions, locate cnf file and specifically bind ip address to deny (or port):
        $ ls -la /etc | grep my.cnf
-rw-r--r--.   1 root root      301 Aug 25 12:45 my.cnf
      bind-address = 127.0.0.1 #just an example
   
To specifically change default port (3306) is something different:  port = 1234bind = 10.10.10.10      #as an example 

After making changes to the .cnf file, stop and restart the database service.

MariaDB must disable network functions, ports, protocols, and services deemed by the organization to be nonsecure, in accord with the Ports, Protocols, and Services Management (PPSM) guidance.

Description

Remediation Templates

A Manual Procedure