Security Guidelines
- The entire server host should be protected against all types of applicable attacks:
  - Eavesdropping
  - Altering
  - Playback
  - Denial of service
- When running MySQL, follow these guidelines whenever possible:
  - Never give anyone except MySQL root accounts access to the user table in the mysql database!
  - Do not grant more privileges than necessary.
  - Never grant privileges to all hosts.
  - Do not store any plain-text passwords in the database. Use MD5(), SHA1(), or some other one-way hashing function.
  - Choose passwords wisely.
  - Invest in a firewall.
  - Put the MySQL server host behind the firewall or in a demilitarized zone (DMZ).
  - Do not trust any data entered by users.
  - Do not transmit unencrypted data over the Internet.
  - Learn to use the tcpdump and strings utilities to check whether MySQL data streams are encrypted.
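The privilege guidelines above (minimal privileges, no grants to all hosts, no access to the mysql user table for anyone but root) in MySQL SQL, as an added example that is not part of the original slides; the schema name appdb, the account app and the host 10.0.0.5 are constructed for illustration.

```sql
-- Weak grant that the guidelines warn against: every privilege on every
-- database, for an account reachable from any host ('%').
-- GRANT ALL PRIVILEGES ON *.* TO 'app'@'%' IDENTIFIED BY 'secret';

-- If such an account already exists, strip it and remove it.
-- REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'app'@'%';
-- DROP USER 'app'@'%';

-- Least-privilege replacement: only the statements the application needs,
-- only on its own schema, only from the one host it connects from.
-- Replace <strong-password> with a password chosen per the guideline above.
CREATE USER 'app'@'10.0.0.5' IDENTIFIED BY '<strong-password>';
GRANT SELECT, INSERT, UPDATE, DELETE ON appdb.* TO 'app'@'10.0.0.5';
FLUSH PRIVILEGES;

-- Audit 1: accounts granted to all hosts (wildcard host value).
SELECT User, Host
  FROM mysql.user
 WHERE Host = '%';

-- Audit 2: non-root accounts holding global privileges that reach the
-- mysql database (global SELECT reads mysql.user; GRANT OPTION and SUPER
-- let an account escalate).
SELECT User, Host, Select_priv, Grant_priv, Super_priv
  FROM mysql.user
 WHERE User <> 'root'
   AND (Select_priv = 'Y' OR Grant_priv = 'Y' OR Super_priv = 'Y');

-- Audit 3: non-root accounts with database-level privileges on mysql itself.
SELECT User, Host, Db
  FROM mysql.db
 WHERE Db = 'mysql' AND User <> 'root';

-- Audit 4: confirm what a specific account can actually do.
SHOW GRANTS FOR 'app'@'10.0.0.5';
```

Run the audit queries as a root account; any rows they return are accounts to review against the guidelines.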
How do I secure MySQL against attack?
© 2007 John Michael Pierobon