Re: Mysql Schema design & Rollback necessity Question

2010-05-24 Thread Martijn Tonies
Hi, I am new to using mysql. I want to prepare an application for my employer. The application will be accessed by staff from as many as 10 different departments such as sales, marketing, admin, finance etc. The users will be using DML commands on the tables. My question has two parts: Part

Re: Security issues

2010-05-24 Thread Rob Wultsch
On Mon, May 24, 2010 at 1:42 PM, Martin Gainty wrote: > Good Afternoon Rob- > > if you're implementing either glassfish or weblogic webserver > your "best fit solution" would be Oracle Identity Manager > > there are 'other' identity solutions such as RSA which are > 1)far more complex .. > 2)virtu

RE: Security issues

2010-05-24 Thread Martin Gainty
Good Afternoon Rob- if you're implementing either glassfish or weblogic webserver your "best fit solution" would be Oracle Identity Manager there are 'other' identity solutions such as RSA which are 1)far more complex .. 2)virtually hackproof.. at random intervals RSA implements an alte

Re: Security issues

2010-05-24 Thread Rob Wultsch
On Mon, May 24, 2010 at 12:07 PM, Jerry Schwartz wrote: >>-Original Message- >>From: Rob Wultsch [mailto:wult...@gmail.com] >>Sent: Saturday, May 22, 2010 11:52 AM >>To: Martin Gainty >>Cc: mysql@lists.mysql.com >>Subject: Re: Security issues >> >>On Sat, May 22, 2010 at 5:44 AM, Martin Ga

RE: Security issues

2010-05-24 Thread Jerry Schwartz
>-Original Message- >From: Rob Wultsch [mailto:wult...@gmail.com] >Sent: Saturday, May 22, 2010 11:52 AM >To: Martin Gainty >Cc: mysql@lists.mysql.com >Subject: Re: Security issues > >On Sat, May 22, 2010 at 5:44 AM, Martin Gainty wrote: >> Good Morning Rob- >> >> one vulnerability (with U

Mysql Schema design & Rollback necessity Question

2010-05-24 Thread Lightingale
Hi there, I am new to using mysql. I want to prepare an application for my employer. The application will be accessed by staff from as many as 10 different departments such as sales, marketing, admin, finance etc. The users will be using DML commands on the tables. My question has two parts: Pa

RE: Master - master replication

2010-05-24 Thread Martin Gainty
mg>zoom down to walters question(s) > Hi Carl, > > On Mon, May 24, 2010 at 13:42, Carl wrote: > > 1. Is the data visible during transmission? > > Not sure what you mean there? mg>he means if someone was sharking the line would they be able to see Financial Information / HealthInformation th

Re: Master - master replication

2010-05-24 Thread Carl
Mark and Patrick, The data is encrypted on the servers (wouldn't want it any other way.) So, I believe we would be transmitting encrypted data over a secure line (SSL, SSH, VPN, whatever.) Doesn't sound to me that there is much of a chance a bad person could ever see anything. Can anyone se

Re: Master - master replication

2010-05-24 Thread Patrick Sherrill
I believe the issue is more storage related than anything else. Multiple servers exponentially increased risk of compromise. Carl wrote: > This is both interesting and puzzling. > > The only way credit card information can be acquired is through SSL > communication with the user (user enters cr

Re: Master - master replication

2010-05-24 Thread Carl
This is both interesting and puzzling. The only way credit card information can be acquired is through SSL communication with the user (user enters credit card information which is used to authorize the transactions, whatever.) Yet, that same process is not sufficient to comply with PCI DSS r

Re: Master - master replication

2010-05-24 Thread Mark Goodge
On 24/05/2010 13:40, Walter Heck wrote: Carl, if you want to be secure, do not use the internet to transfer your data. SSH, VPN and SSL can not give you the kind of security a private line can give you. That is a tad expensive though :) That's true, but again that's not really answering the qu

Re: Master - master replication

2010-05-24 Thread Walter Heck
Carl, if you want to be secure, do not use the internet to transfer your data. SSH, VPN and SSL can not give you the kind of security a private line can give you. That is a tad expensive though :) Walter On Mon, May 24, 2010 at 15:33, Carl wrote: > John, > > I am familiar with the PCI regs and

Re: Master - master replication

2010-05-24 Thread John Daisley
ssl is not enough for pci dss compliance. If you store credit card information and are not pci compliant you can be heavily fined and have your ability to process/accept credit card payments permanently removed. The storage and transmission of credit card details demands end-to-end encryption and

Re: Master - master replication

2010-05-24 Thread Carl
John, I am familiar with the PCI regs and am trying to accommodate them. Our process requires that the card information is available on both servers so it is more a question of how than if. Thanks, Carl - Original Message - From: John Daisley To: Carl Cc: Walter Heck ; mysql

Re: Master - master replication

2010-05-24 Thread Prabhat Kumar
I think setting up a few more configuration variables in replication will secure the data in plain text transmission. #--master-ssl #--master-ssl-ca #--master-ssl-capath #--master-ssl-cert #--master-ssl-cipher #--master-ssl-key http://dev.mysql.com/doc/refman/5.0/en/replication-options-slave.html h

Re: Master - master replication

2010-05-24 Thread John Daisley
You need to check pci compliance rules before you go replicating and transmitting credit card data. On 24 May 2010 14:15, Carl wrote: > Interesting. How is the best way to protect the information while using > master - master replication on remote sites? (The data contains the > information o

Re: Master - master replication

2010-05-24 Thread Carl
Interesting. How is the best way to protect the information while using master - master replication on remote sites? (The data contains the information of children, credit cards and bank accounts.) Thanks, Carl - Original Message - From: John Daisley To: Carl Cc: Walter Hec

RE: Master - master replication

2010-05-24 Thread Martin Gainty
yes.. SSL can implement a number of encryption algorithms but when a webserver configuration is configured with HTTP (instead of HTTPS) http://www.pgp.com/ export mysql rows to PGP encrypter ..transmit via some secure mechanism sftp/scp (or ftp/cp without secure handshakes) the PGP decry

Re: Master - master replication

2010-05-24 Thread John Daisley
also consider that it is much more likely that remote slaves will start falling behind particularly if you throw encryption into the equation. Regards John On 24 May 2010 13:24, Carl wrote: > Walter, > > Don't know how I missed that but it exactly what I needed. > > Thanks, > > Carl > - Or

Re: Master - master replication

2010-05-24 Thread Carl
Walter, Don't know how I missed that but it is exactly what I needed. Thanks, Carl - Original Message - From: "Walter Heck" To: "Carl" Cc: Sent: Monday, May 24, 2010 5:49 AM Subject: Re: Master - master replication Hi Carl, On Mon, May 24, 2010 at 13:42, Carl wrote: 1. Is the dat

RE: Master - master replication

2010-05-24 Thread Martin Gainty
Hello Carl MySQL advertises an encryption package using the ENCRYPT('hello') but to date I haven't found any information on where to download and configure the encryption package did you look at http://www.critotech.com ? Martin Gainty __ Verzicht u

Re: Master - master replication

2010-05-24 Thread Walter Heck
Hi Carl, On Mon, May 24, 2010 at 13:42, Carl wrote: > 1.  Is the data visible during transmission? Not sure what you mean there? > 2.  Is there a way to encrypt the data during transmission? MySQL supports SSL encryption of replication. Here's a good starting point: http://dev.mysql.com/doc/refm

Master - master replication

2010-05-24 Thread Carl
I am setting up master - master replication between two sites that are in separate facilities that are hundreds of miles apart. The operating systems are Slackware 13, the MySql version is 5.1.41 (will probably upgrade to latest.) I have two questions: 1. Is the data visible during transmis

Re: (followup) Important for users of Bazaar branches of MySQL Server code from Launchpad

2010-05-24 Thread Guilhem Bichot
Hello Stewart, Stewart Smith wrote, on 24.05.2010 11:38: On Mon, 24 May 2010 10:45:30 +0200, Guilhem Bichot wrote: bzr branch lp:mysql-server/trunk mysql-trunk Download was 200MB. ~20minutes on ADSL from Australia bzr using 100% CPU bzr using ~600MB RAM Thanks for the numbers. Does

Re: (followup) Important for users of Bazaar branches of MySQL Server code from Launchpad

2010-05-24 Thread Stewart Smith
On Mon, 24 May 2010 10:45:30 +0200, Guilhem Bichot wrote: > bzr branch lp:mysql-server/trunk mysql-trunk Download was 200MB. ~20minutes on ADSL from Australia bzr using 100% CPU bzr using ~600MB RAM -- Stewart Smith

(followup) Important for users of Bazaar branches of MySQL Server code from Launchpad

2010-05-24 Thread Guilhem Bichot
Hello, Please, read this email if you are using Bazaar branches of MySQL Server code located on Launchpad (at https://code.launchpad.net/mysql-server ). Continuation of my email of yesterday sent to the same lists. It seems that Launchpad has finished converting at least the main branches (m