MySQL remote host user access strangeness

[bdominick]

I just found strange entries in some MySQL users I created on my server. I'm hoping someone can explain them. I'm not sure if they're abnormal, but I can't figure out how they got made or why. Hopefully just newbie confusion on my part...

I created a new db user for a specific database for a specific client account, let's call it "sam". Looking in phpMyAdmin, under the "Privileges" tab for that database, I see several hosts with various privileges for accessing the db as "sam" or as "root". Of course, localhost has priviveges. So does 192.168.1.%, which isn't too alarming, though I'm not sure exactly who that is or why it needs access, or if it's truly secure.

But "sam" has 72.171.5.145 listed as a host. I have no idea who that is. A DNS lookup didn't help. And "root" has a host called [removed] listed with full permissions. Not sure what that is, but I don't like the sound of it. In fact, for all db's the root user seems to have this [removed] host listed, though for the 72... IP only appears in custom users I create (or an installer creates) for a DB.

Am I ignorant of something here? Paranoid?

[jmarcv]

Never saw anything like that. You should probably put in a ticket on this I would say.

[jmarcv]

PS

Since this is a cpanel thing, you will need to provide a login for support since they won't be able to see that without logging in to YOUR cpanel account. That is, I am assuming it is cPanel and not WHM that you are doing this?

[bdominick]

No it is WHM. I have root on a dedicated server. I'll put in a ticket. Thanks!

[bdominick]

I see the vB software removed one of the hostnames I had entered.

[Matt]

It was removed by me. I'd prefer that name not be dispalyed for security reasons.