Mike Correct and this is the architecture. The internet facing box has a routable IP, the DB box is separate and is not ext routable.
The issue the security review highlighted strongly was the fact that if a hacker got access to the box (however) then copying /var/lib/mysql/database would result in a major security breach To the chap who siad its not a DB issue - I will check with Oracle but I'm sure that dropping in a directory in oracle will not give you full access to a database (a clear one that is) Thomas -----Original Message----- From: Mike Brum [mailto:[EMAIL PROTECTED] Sent: 26 November 2003 13:36 To: Curley, Thomas; [EMAIL PROTECTED] Subject: RE: Security Question One of the first things that I did at my former job was to turn off all external-facing network adapters to our DB machines. If you're fortunate enough that your DB resides on it's own box and not the webserver itself, then there's really no reason that you *need* to have it externally facing. There are PLENTY of solutions that you can put in place in order to still have remote access to those machines without them having an externally routable IP. While it is possible for a hacker to compromise one machine and then access the DB machine over your internal WAN at the hosting location, the more roadblocks you put between a potential hacker and your sensitive data, the better. -M -----Original Message----- From: Curley, Thomas [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 26, 2003 8:22 AM To: [EMAIL PROTECTED] Subject: RE: Security Question Importance: High thanks for reply - the requirement comes from a security audit - so try to think in terms of a hacker Obviously and (I had assumed) 1. - the files would have tight unix security file permissions applied 2. - indeed the key would be stored on an internal tightly managed box (or device) Another Assumption ------------------ Encrypting / decrypting all data on the fly would be too expensive and grind the app to a halt So the question again :- Any ideas on how to avoid having data files stored with absolutely no protection against copying ???? If there is no solution to this then MySql should not be used on internet accessible boxes for dynamic web sites Thomas -----Original Message----- From: Fagyal, Csongor [mailto:[EMAIL PROTECTED] Sent: 26 November 2003 12:51 To: Curley, Thomas Cc: [EMAIL PROTECTED] Subject: Re: Security Question Thomas, >I am trying to find a solution to the following security issue with >MySql DB on linux > >- Someone copies the DB files to another box, starts a mysql instance, >loads the DB and presto - views the 'private' data !!! > > Well, "someone" should not have access rights to the DB files on the first hand. >Ideally I would like to know if there is any option in MySql to store >the DB files in a secure format and one that needs a key or similiar to open the DB > > If someone was able to access your DB files, he would probably also be able to access that key (that you must store _somewhere_), wouldn't he? - Csongor **************************************************************************** ***************** This email and any attachments are confidential and intended for the sole use of the intended recipient(s).If you receive this email in error please notify [EMAIL PROTECTED] and delete it from your system. Any unauthorized dissemination, retransmission, or copying of this email and any attachments is prohibited. Euroconex does not accept any responsibility for any breach of confidence, which may arise from the use of email. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the Company. This message has been scanned for known computer viruses. **************************************************************************** ***************** -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED] ********************************************************************************************* This email and any attachments are confidential and intended for the sole use of the intended recipient(s).If you receive this email in error please notify [EMAIL PROTECTED] and delete it from your system. Any unauthorized dissemination, retransmission, or copying of this email and any attachments is prohibited. Euroconex does not accept any responsibility for any breach of confidence, which may arise from the use of email. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the Company. This message has been scanned for known computer viruses. ********************************************************************************************* -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]