MySQL Security Overview - Data transmission (Page 3 of 4 )
Do not transmit plain text (basically unencrypted) data over the Internet, because anyone who has the time and know-how will be able to intercept your communications and use them for their own purposes. A protocol such as SSL or SSH would go a long way to secure your communication over the Internet. As of version 4.0.0 MySQL supports internal SSL connections. SSH port-forwarding can be used to create an encrypted (and compressed) tunnel for the communication.
To check whether your MYSQL data streams are encrypted, use a utility like windump or tcpdump (for UNIX). Both are available at http://www.winpcap.org/ Once you have installed all the relevant DLLs and drivers, simply execute windump.exe and you should be able to see all network communications. Another good network traffic analyzer is ethereal (available at www.ethereal.com), which you can also use to see whether or not your MYSQL server data stream is encrypted.
Web Form Data
It is advisable to never trust data entered by users in your applications. Just recently I had the unfortunate experience of dealing with a security breach that was caused by a user entering "DROP DATABASE mysql;" into a form. Now, the script that was written to handle this form data was not written with security in mind, so of course the intruder succeeded.
This is but one example of why you should not trust user input to be safe. Intruders can use many other ways to trick your code into revealing more about your database. A common mistake that we programmers make is to protect only the string data when processing form data. While it is good to do this, it would be even better to check numeric or integer data as well. PHP has an is_numeric() function that you can use to make sure that numeric data is used properly. Other programming languages will have different functions to verify data. For example, if your application uses a query like
SELECT * FROM tblname WHERE ID=456
where the number 456 is entered by the user in a form, then the server will just go and retrieve that record. But a intruder can very easily fool your code by entering:
"456 OR 1=1"
This will change your query to:
SELECT * FROM tblname WHERE ID=456 OR 1=1
This will cause your query to retrieve all the records in your table and expose data that should not be exposed. In addition this kind of security breach can also cause excessive server load, making your server unresponsive or slow. The solution to this kind of attack is to use apostrophes around the numeric values. So the query would look something like this:
SELECT * FROM tblname WHERE ID='456'
So if any additional data is added to the number it will become part of the string. In a numeric context (meaning that we assume the ID field in the query above is a integer), MySQL will automatically convert this string to a number and strip any trailing non-numeric characters from it.
Next: Testing Web Forms >>
More MySQL Articles
More By Leidago
/ 18 
