I just found strange entries in some MySQL users I created on my server. I'm hoping someone can explain them. I'm not sure if they're abnormal, but I can't figure out how they got made or why. Hopefully just newbie confusion on my part...
I created a new db user for a specific database for a specific client account, let's call it "sam". Looking in phpMyAdmin, under the "Privileges" tab for that database, I see several hosts with various privileges for accessing the db as "sam" or as "root". Of course, localhost has priviveges. So does 192.168.1.%, which isn't too alarming, though I'm not sure exactly who that is or why it needs access, or if it's truly secure.
But "sam" has 72.171.5.145 listed as a host. I have no idea who that is. A DNS lookup didn't help. And "root" has a host called [removed] listed with full permissions. Not sure what that is, but I don't like the sound of it. In fact, for all db's the root user seems to have this [removed] host listed, though for the 72... IP only appears in custom users I create (or an installer creates) for a DB.
Am I ignorant of something here? Paranoid?