I have a MySQL Installation which has recently been compromised. Unfortunately this was due to another person leaving the 'root' account remotely accessible. I am currently trying to create an admin account which is locked down to specific IP Addresses and revoke the remote access on root.
Run the following SQL script, to remove all access from remote hosts for the ‘root’ user
DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');
After this perform