I personally use SSH (running as a server on the Unix/Linux system running
MySQL, and which is now included in the RedHat 7 release series) which is
configured to accept only 'ranges' of IP address (subnets that my dialup
ISP might assign me, like 207.25.33.* 207.25.34.*). That should
pretty much protect you from 'snooping' while you're logging into the
system, and administering MySQL (and other stuff).
If you're performing any 'client/server' type of tasks, you'd can do some
more research and try to 'tunnel' the MySQL traffic thru the encrypted
connection. I have both my SSL webserver and MySQL db server next to each
other, with a dedicated 'private' network between them (it's just a
'crossover' network cable), so no one can watch what they're discussing...
Gary Garrett wrote:
> Yes, reverse lookups are a good idea from a static address but AITCOM is
> marketing reseller stuff to people who use dial-up connections and
> dynamic IP addresses. DNS does not have inaddr-arpa entries for dynamic
> addresses. It sounds to me if the passwords are sent in clear text, no
> Mysql Database is safe across the internet. Is there a way to encrypt
> these passwords? Even on the local network a sniffer could get a Mysql
> connection password if sent from any host other than the server console.
> What should a guy do about this?
---------------------------------------------------------------------
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail <[EMAIL PROTECTED]>
To unsubscribe, e-mail <[EMAIL PROTECTED]>
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
