Hi, I was wondering if someone could tell me if there are any potential security breaches that could occur by connecting to an SQL database that does not reside at 'localhost', i.e. via IP address?

Regards,

Phil

+3  A: 

Yes, breaches do occur by not protecting the connection to your database. This is a network security question more so than an application security question. Thus this answer is entirely dependent on your network topography.

If a segment of your network may be accessible by an attacker, then you must protect yourself with cryptography. For instance, if you have a malicious individual who has compromised a machine on your network, then they can conduct an ARP spoofing attack to "sniff" or even MITM devices on a switched network. This could be used to see all data that flows in and out of your database, or modify the database's response to a specific query (like a login!). If the network connection to your database is a single RJ45 twisted-pair connection to your httpd server, all residing inside a locked cabinet, then you don't have to worry about a hacker sniffing this. But if your httpd is on a Wi-Fi network and then connecting to a database in China, then you might want to think about encryption.

You should connect to your MySQL database using MySQL's built-in SSL ability. This ensures that all data transferred is highly protected. You should create self-signed X.509 certificates and hard code them. This is free, and you don't need a CA like Verisign for this. If there is a certificate exception then there is a MITM, and thus this stops you from spilling the password.

Another option is a VPN, and this is better suited if you have multiple daemons that require secure point to point connections.

Rook
Wow... I have really little experience in servers and such... I will be renting a dedicated server from heartinternet for my latest project. 99% of the site will reside there; the small percent (1 page) will be on a different server (a reseller account) which will be used only to display a user's profile page (the profile URL is a wildcard subdomain whose domain is shorter than the previous - the only reason why I asked).
Phil Jackson
Would it be wise to keep both domains on the dedicated server?
Phil Jackson
For simplicity and security I would host the reseller page on the same server. If you need to share user account information between servers I would look into OAuth/OpenID or perhaps a custom SOAP service, depending on your needs.
Rook
+1  A: 

It's usually the other way round that the bigger problem lies, vulnerabilities in the MySQL server being exploited by untrustworthy clients.

However, yes, there have also been client vulnerabilities in the past (e.g.) that would allow an untrustworthy server to attack the client.

Naturally you should keep your MySQL client libraries up to date to avoid such possibilities, as well as updating the server.

If your connection to the server is going over the internet (rather than a private network), you should consider running it over an encrypted link (either MySQL's own SSL scheme or using a tunnel). Otherwise any man-in-the-middle could fiddle with the data going in and out of the database, and if there are client or server vulnerabilities those could also be targeted.

bobince
In this scenario firewall/user account settings are better suited than a tunnel. +1 Rogue clients are a valid concern when having a remote database.
Rook
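Putting the advice from both answers (MySQL's built-in SSL, and account/host restrictions against rogue clients) into concrete server-side settings, as an added example that is not from either answer. It uses MySQL 8.0 syntax; the user name, client address and database name are assumed placeholders.

```sql
-- Added example, not from the original answers. Assumes MySQL 8.0;
-- 'webapp', 203.0.113.10 and siteDB are placeholders for your own values.

-- 1. Refuse any client that does not negotiate TLS, so a plaintext
--    connection from anywhere on the network path is simply rejected.
SET PERSIST require_secure_transport = ON;

-- 2. Bind the application account to the web server's address only
--    (the "user account settings" the second answer's comment prefers),
--    and require the client to present a certificate signed by the CA the
--    server trusts (its ssl_ca), not merely any TLS session.
CREATE USER 'webapp'@'203.0.113.10'
  IDENTIFIED BY 'replace-with-a-long-random-password'
  REQUIRE X509;

-- 3. Grant only the privileges the site's pages need; no global rights.
GRANT SELECT, INSERT, UPDATE, DELETE ON siteDB.* TO 'webapp'@'203.0.113.10';

-- 4. Check from a client session that it really is encrypted:
--    Ssl_cipher is empty on a plaintext connection.
SHOW SESSION STATUS LIKE 'Ssl_cipher';

-- 5. Audit remaining accounts that are still allowed in without TLS
--    (ssl_type is '' for accounts with no REQUIRE clause).
SELECT user, host, ssl_type
  FROM mysql.user
 WHERE ssl_type = '';
```

On the client side, connect with `--ssl-mode=VERIFY_CA` (or `VERIFY_IDENTITY`) and `--ssl-ca` pointing at the self-signed CA from the first answer, plus `--ssl-cert`/`--ssl-key` to satisfy the X509 requirement; a certificate mismatch then fails the connection instead of silently sending the password.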