1. Something you should do after you run the mysql_install_db script Give your mysql root user a password to login and access the DB locally on the host that your running the sql server on.

EXAMPLE: mysql>SET PASSWORD FOR root@localhost=PASSWORD('some_new_password');

2. Get rid of the test database no need for it invites unwanted browsers and users that like poking around.

EXAMPLE: mysql>drop database test;

3. Select your mysql db, delete the host and user tables where theres null users and users with no passwords then flush # the privileges same as rehash or refreshing the db in short.

EXAMPLE: mysql>use mysql;

EXAMPLE: mysql>delete from db;

EXAMPLE: mysql>delete from user where not (host="localhost" and user="root");

EXAMPLE: mysql>flush privileges;

4. Prevent random attacks on user mysql root best to change the root users nick for the DB and if a attacker don't know the name of the root user it makes it that much more work for them to compromise the sql database on the host.

EXAMPLE: mysql>update user set user="new_root_user_name" where user="root";

5. Like the above anytime you make changes to users and hosts flush the prilleges or reload the server.

EXAMPLE: mysql>flush privileges;

6. So to login to your sql server as root to do admin work or check status and etc you will now use the example below with the -p option for the server to prompt you for your root password.

The above isn't going to 100% save you or your sql host from being compromised but its just one more extra step to take to prevent it from happening and also making it harder for the DB server to be cracked or exploited through different privillaged esculation attacks.