Securing MySQL (and other databases)

In light of recent news of massive intrusions into enterprise database systems holding sensitive customer information – it is obvious reminders on hardening databases is not old news. Especially considering some of the compromises were executed only because customer data was not encrypted.

Starting with MySQL – I have assembled several links I have collected over time on securing various dbs to make compromise that much more difficult. Some information is basic fundamentals – which is great for those just starting to explore these systems – along with some links to further reading.

Something to remember (and many readers have suggested they do this already) – always use ssh when administering your remote database servers. If using a GUI tool for remote admin – be sure to select an application that supports port forwarding to a secure port.

MySQL’s site has some solid basics as well as a great Security Focus article on building a strong MySQL installation.

Tips and techniques on some other popular systems include:

IBM’s DB2 – http://www.informit.com/articles/article.asp?p=102226&rl=1

Microsoft SQL Server:
1) http://www.sqlsecurity.com/DesktopDefault.aspx
2) http://www.microsoft.com/sql/techinfo/administration/2000/security/securingsqlserver.asp

Oracle – http://www.orafaq.com/faqdbase.htm

PostgreSQL – http://www.postgresql.org/docs/8.0/interactive/admin.html

Related posts:

1. How to Administer a Remote MySQL Database using SSH Tunneling Configuring remote MySQL databases with the command line or phpMyAdmin...
2. MySQL Cross-Platform Table Naming Craig highlights the biggest potential pitfall of porting your MySQL-based...
3. MySQL: the Pros and Cons of MyISAM Tables MySQL offers several database table types, but which is suitable...
4. EU to Investigate Oracle’s Acquisition of MySQL Here we go again. The European Commission will investigate the...
5. EU Object to Oracle’s MySQL Takeover Oracle's takeover of Sun Microsystems has been thrown into doubt...

This entry was posted on Tuesday, June 28th, 2005 at 1:22 am, contains 260 words, 6 images, and is filed under Open Source. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed. The views and opinions in this blog post are those of its author.