Blog Post

Blogs » Open Source » Securing MySQL (and other databases)

Securing MySQL (and other databases)

In light of recent news of massive intrusions into enterprise database systems holding sensitive customer information - it is obvious reminders on hardening databases is not old news. Especially considering some of the compromises were executed only because customer data was not encrypted.

Starting with MySQL - I have assembled several links I have collected over time on securing various dbs to make compromise that much more difficult. Some information is basic fundamentals - which is great for those just starting to explore these systems - along with some links to further reading.

Something to remember (and many readers have suggested they do this already) - always use ssh when administering your remote database servers. If using a GUI tool for remote admin - be sure to select an application that supports port forwarding to a secure port.

MySQL’s site has some solid basics as well as a great Security Focus article on building a strong MySQL installation.

Tips and techniques on some other popular systems include:

IBM’s DB2 - http://www.informit.com/articles/article.asp?p=102226&rl=1

Microsoft SQL Server:
1) http://www.sqlsecurity.com/DesktopDefault.aspx
2) http://www.microsoft.com/sql/techinfo/administration/2000/security/securingsqlserver.asp

Oracle - http://www.orafaq.com/faqdbase.htm

PostgreSQL - http://www.postgresql.org/docs/8.0/interactive/admin.html

If you liked this blog, share the love:

Save to Del.icio.us

This entry was posted on Tuesday, June 28th, 2005 at 1:22 am, contains 177 words, and is filed under Open Source. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed. The views and opinions in this blog post are those of its author.

This post has 3 responses so far

Glasso Says:
June 28th, 2005 at 3:17 am

Just Starting to use MySQL seriously. I timely post Blane …. Thanks
Andrew-J2000 Says:
June 29th, 2005 at 1:54 am

I ordered “High Performance MySQL” yesterday; however, i’m curious to know of any security tips for securing clustered enviroments for MySQL. Particuly replication…
danut Says:
July 1st, 2005 at 4:52 pm

I think taht mysql are one of the best part of web prgramming. Robust and also fragile.

My opinion.

Leave a response

Your Blogmaster is...

Blane Warrene

Blane is a writer and researcher focusing on Apple and Open Source technologies. Prior to this, he helped found a commercial software and consulting venture, and worked in the financial services sector as a director of technology and in varying technical roles. Blane maintains Open Sourcery: SitePoint's Open Source Blog.

SitePoint Blogs

SitePoint Marketplace

Buy and sell Websites, templates, domain names, hosting, graphics and more.

Tell me more...

Logo Design, Web page Design and more!

Custom logo designs created ‘just for you’.
Pick the design you like best.
Only pay if you’re satisfied with the result.

Visit 99designs.com

FREE KIT OFFER! (worth $200)

SitePoint Kits

Download sample chapters of any of our popular kits.

SitePoint Books

Download sample chapters of any of our popular books.

Posting Code Snippets

Feel free to enter code snippets into your comments in the following format.

Marking Up Your Code

<pre>
<code class='html'> 
code snippet 
</code>
</pre>

Be sure to escape any HTML snippets (i.e. '<' becomes '<' ).

Supported language classes include:

XML, HTML, XSLT and any other XML style code
CSS
C#
VB & VB.NET
Delphi, Pascal
JavaScript
PHP
Python
SQL