Securing MySQL (and other databases)By Blane Warrene
In light of recent news of massive intrusions into enterprise database systems holding sensitive customer information – it is obvious reminders on hardening databases is not old news. Especially considering some of the compromises were executed only because customer data was not encrypted.
Starting with MySQL – I have assembled several links I have collected over time on securing various dbs to make compromise that much more difficult. Some information is basic fundamentals – which is great for those just starting to explore these systems – along with some links to further reading.
Something to remember (and many readers have suggested they do this already) – always use ssh when administering your remote database servers. If using a GUI tool for remote admin – be sure to select an application that supports port forwarding to a secure port.
Tips and techniques on some other popular systems include:
Oracle – http://www.orafaq.com/faqdbase.htm