MySQL
  Home arrow MySQL arrow Page 2 - MySQL Security Overview
FaxWave - Free Trial.
Dev Shed Forums 
Administration  
Apache  
BrainDump  
DHTML  
Flash  
Java  
JavaScript  
Multimedia  
MySQL  
Oracle  
Perl  
PHP  
Practices  
Python  
Reviews  
Security  
Style-Sheets  
Web Services  
XML  
Zend  
Zope  
Forums Sitemap 
IBM® developerWorks 
Dedicated Servers 
E-Commerce Hosting 
Linux Web Hosting 
Managed Hosting 
Small Business Hosting 
Download TestComplete 
VPS Hosting 
Weekly Newsletter

 
Developer Updates  
Free Website Content 
IBM Developerworks
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us Get Paid 
Request Media Kit
Contact Us 
Site Map 
Privacy Policy 
Support 
 USERNAME
 
 PASSWORD
 
 
  >>> SIGN UP!  
  Lost Password? 
MYSQL

MySQL Security Overview
By: Leidago
  • Search For More Articles!
  • Disclaimer
  • Author Terms
    		•
    Rating: 4 stars4 stars4 stars4 stars4 stars / 18
    2006-11-27

    Table of Contents:
  • MySQL Security Overview
  • Passwords
  • Data transmission
  • Testing Web Forms
    		•

    Rate this Article: Poor Best 
      ADD THIS ARTICLE TO:
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article
    		 
     
     
    ADVERTISEMENT

    Dell PowerEdge Servers

    MySQL Security Overview - Passwords
    (Page 2 of 4 )

    When storing passwords in your database, take care not to store your passwords in plain text. If your system becomes compromised, the intruder will have a field day with your list of passwords. Encrypt them with MD5() or SHA1() or any other one way hash function, to make it hard for any intruder to get any passwords they can do anything with.

    Also, make sure that you combine numbers and letters when generating a password. There are sophisticated password crackers being developed as we speak and although any password that you create can eventually be broken, you can make it difficult for intruders to do so by just making this small effort. Another method of creating memorable but difficult passwords is to think of a sentence such as "Mary had a little lamb" and take the first letter of each word in the sentence. This will give you something like this: "mhall." You can then add a memorable number to the word, and to make this even more difficult you can capitalize some of the letters. Arrange the numbers around the letters, so that it is easy to remember, but difficult to guess for someone who does not know the password.

    Firewalls

    You are probably sick of hearing this, but proper firewall protection is absolutely essential if you have an Internet connection. It will help keep a significant number of exploits and other attacks off your system and therefore away from your MySQL installation. So if at all possible try to install a firewall and make sure to put MySQL behind it.

    Also most attacks are made possible by a port being open. A firewall blocks this kind of access, if configured to do so. After installing a firewall you can test whether the port at which MySQL listens is open or closed. You can do this with a program like Telnet. Just type:

    telnet mysql 3306

    If you get a reply with garbage, then the port is open and should be closed. If you do not get any reply, then the port is closed, which is what we want.

    Next: Data transmission >>
     

    More MySQL Articles
    More By Leidago


       · This article looks at all the techniques that is used by MYSQL to make databases...
       · Hi.I would like to mention another great tool that could be used to protect your...
     
    >>> Post your comment now!

       

    MYSQL ARTICLES

    - MySQL Table Prefix Changer Tool in PHP
    - Using the SIGNAL Statement for Error Handling
    - Error Handling Examples
    - Error Handling
    - Completing a Search Engine with MySQL and PH...
    - Paginating Result Sets for a Search Engine B...
    - Building a Search Engine with MySQL and PHP 5
    - Using Boolean Operators for Full Text and Bo...
    - PHP, MySQL and the PEAR Database
    - Working with PHP and MySQL
    - Getting PHP to Talk to MySQL
    - Creating an RSS Reader: the Reader
    - MySQL Security Overview
    - Creating the Admin Script for a PHP/MySQL Bl...
    - Creating the Blog Script for a PHP/MySQL Blo...
    Find More MySQL Articles
     
    Accelerating Trading Partner Performance
     
    Competing on Analytics
     
    Cost Effective Scaling with Virtualization and Coyote Point Systems
     
    Five Checkpoints to Implementing IP Telephony
     
    Hosted Email Security: Staying Ahead of New Threats
     




    © 2003-2008 by Developer Shed. All rights reserved. DS Cluster 4 hosted by Hostway