Re: Ever heard of anything like this?
I personally use SSH (running as a server on the Unix/Linux system running MySQL, and which is now included in the RedHat 7 release series) which is configured to accept only 'ranges' of IP address (subnets that my dialup ISP might assign me, like 207.25.33.* 207.25.34.*).That should pretty much protect you from 'snooping' while you're logging into the system, and administering MySQL (and other stuff). If you're performing any 'client/server' type of tasks, you'd can do some more research and try to 'tunnel' the MySQL traffic thru the encrypted connection. I have both my SSL webserver and MySQL db server next to each other, with a dedicated 'private' network between them (it's just a 'crossover' network cable), so no one can watch what they're discussing... Gary Garrett wrote: > Yes, reverse lookups are a good idea from a static address but AITCOM is > marketing reseller stuff to people who use dial-up connections and > dynamic IP addresses. DNS does not have inaddr-arpa entries for dynamic > addresses. It sounds to me if the passwords are sent in clear text, no > Mysql Database is safe across the internet. Is there a way to encrypt > these passwords? Even on the local network a sniffer could get a Mysql > connection password if sent from any host other than the server console. > What should a guy do about this? - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Re: Ever heard of anything like this?
Yes, reverse lookups are a good idea from a static address but AITCOM is marketing reseller stuff to people who use dial-up connections and dynamic IP addresses. DNS does not have inaddr-arpa entries for dynamic addresses. It sounds to me if the passwords are sent in clear text, no Mysql Database is safe across the internet. Is there a way to encrypt these passwords? Even on the local network a sniffer could get a Mysql connection password if sent from any host other than the server console. What should a guy do about this? - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Re: Ever heard of anything like this?
Just a note. If you're requesting "telnet" or "ftp" access to your 'colocated' systems, the issue isn't only with your 'ISP'. I just got finished assisting another MySQL user in rebuilding his system (for the 2nd or 3rd time) who has been using "telnet" and "ftp" to remotely administer his systems (it appeared that the machine had been 'hacked', and once rebuilt, they just watched for the new login password, and hacked it again). Though the MySQL manual (and other README notes) makes it clear that you should set a "root" password to protect your MySQL data from intruders, they don't mention that you shouldn't 'broadcast' this info (or any other MySQL user login info) over the Internet 'in the clear'. Why you would want any hacker watching your network traffic to 'grab' your login name and password is beyond me... The issue of 'reverse DNS lookups' IS relevent if they (or you) are using any kind of 'allow/deny' lists which will need to authenticate you before making a decision on whether to grant or deny access. A lot of Internet Email systems are now 'bouncing' mail that they recieve which they can't do a 'reverse lookup' on the incoming IP to make sure it's really from who it says it is... Gary Garrett wrote: > We are also using AITCOM and often have problems. They seem to work on > their network at noon on Sat. and traceroutes die at their network.They > seem to go offline randomly also. We asked for telnet access to > administer a Mysql database and can't get it to work. They say our DNS > is not configured for reverse lookups.. what the hell our DNS has to > > do with their telnet I don't know. Their tech support is like M$oft, > technically correct but has no relevance to the problem. You would be > better served to learn Linux and see Rackspace.com for a dedicated > Server you have full access to. Best bet is to find a NOC close to you > in Internet space. >
Re: Ever heard of anything like this?
We are also using AITCOM and often have problems. They seem to work on their network at noon on Sat. and traceroutes die at their network.They seem to go offline randomly also. We asked for telnet access to administer a Mysql database and can't get it to work. They say our DNS is not configured for reverse lookups.. what the hell our DNS has to do with their telnet I don't know. Their tech support is like M$oft, technically correct but has no relevance to the problem. You would be better served to learn Linux and see Rackspace.com for a dedicated Server you have full access to. Best bet is to find a NOC close to you in Internet space. - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Re: Ever heard of anything like this?
>>We are on a virtual server..we set up with this >>company AITcom.net to be resellers. This is your problem, right here. I had an account with them for 1 month. I was going to move one of my small sites over and if it worked out, move all my sites over. in 1 month, they shut my server down 6 times. They disabled my telnet, canceled my SSH AND reloaded MySQL, erasing a production database. Cal - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Ever heard of anything like this?
I can't connect to my database via mysql This is the load of crap I'm getting... I would appreciate any input or feedback you have. We are on a virtual server..we set up with this company AITcom.net to be resellers. First of all we are getting this error message when we try to connect to the database. Can't connect to local MySQL server through socket '/tmp/mysql.sock' Here is their version of an answer to my problem I wanted to get back to you as soon as possible with an answer. Here is what I found. The Pearl modules will not run in a change root file system. The user name that is being called does not exist on your server. Also, there may be a problem with the version of Pearl being used. The only solution is to have a dedicated server where you have root access to the box. Our shared hosting solution is designed for a virtual server using a proprietary Linux operating system. With a dedicated server, you can have any version of Linux you would like and any version of Pearl. This would allow you full control over the server and as you have stated this works on every other server you have installed. I know this has been a frustrating time for you and I would like to offer a solution. I will transfer all monies paid to AIT over to the cost of a dedicated server 4. If this solution is acceptable, please let me know and I will have the necessary paper work sent to you. I look forward to your response. Our people are saying that the solution is this... > > > > Tony, > > > > > > > > If your still getting the .sock error, ask your ISP to > > > > recompile DBD::mysql on the server... > > > > > > > > There is NO configuration within our programs that > > > > interacts with DBD::mysql in any way that can cause or > > > > effect that error. When DBD::mysql is compiled (installed), > > > > it makes a note of where MySQL is and always referrs > > > > back to that note for connecting. If its not connecting, its > > > > likely that DBD::mysql was either installed from RPM or > > > > binaries or copied from another server rather then actually > > > > compiled on that one, OR, the MySQL server has been > > > > moved, changed, upgraded, or otherwise. Help! Please! Anthony Giuliani Director of Operations 21st Century Marketing & Training Solutions, Inc. [EMAIL PROTECTED] voice...407-831-8722