List:General Discussion« Previous MessageNext Message »
From:Sasha Pachev Date:June 15 1999 10:44am
Subject:Re: Database management
View as plain text  
Mark Pors wrote:
> 
> Hi,
> 
> We use Windows 95 PC's to manage our mysql database, that runs on unix.
> I would like to know what is a good way to manage your database.

If you ask me, I good way to manage a Unix database is from Perl scripts
and a command prompt, but that is just my personal preference :-)

> 
> Right now I export our data from the mysql db to a file, encrypt it and
> send it with e-mail to the PC's. On the PC we import it into Excell or
> MS Access. All this needs many manual actions, and has some other
> disadvantages.
> I prefer to use MyODBC, but this is not secure.
> A webform interface is not what we want either, because it doesn't have
> the flexibility of the MS programs.

Why do you say that MyODBC is not secure? If you are worried about
eavesdropping, you can using the port forwarding with
encryption/compression feature of SSH. 

However, in my experience, I have seen a lot of systems where
eavesdropping for MyODBC communication was the last thing thing they
would need to worry about. Here are some common security holes that are
much more likely to result in a compromise of your data than MyODBC
eavesdrop:

 -  telnet access - your password can be picked up from off the wire
much easier than your data going through ODBC
- ftp access - same as above
- vulnerable daemons with buffer overflow exploits running on the server

My favorite pet peeve is when someone runs a secure web server on a
machine that allows telnet access from anywhere on the Internet. 

> 
> Some of our requirements:
> 
> - Database information can only be send to a client PC if it is
> encrypted
> - Sensitive information has to be removed from the server asap.
> - Whole proces must be automated.
> 
> Are there any idea's how to do this?

Maybe a remote database server is not the best solution if you want to
remove the data from it immediately. What database servers are really
for is to collect and analyze large quantities of information. Maybe
what you should do is keep a local database server that is in a trusted
environment and securely deliver collected data to it from potentially
insecure locations.

> 
> Regards,
> Mark
> 
> --
> Mark Pors
> Green Globe
> E-mail: mark@stripped
> WWW: http://www.green-globe.com
> Tel: +31 23 544 1993
> Fax: +31 23 544 1994
> 
> ---------------------------------------------------------------------
> Please check "http://www.mysql.com/Manual_chapter/manual_toc.html" before
> posting. To request this thread, e-mail mysql-thread5237@stripped
> 
> To unsubscribe, send a message to the address shown in the
> List-Unsubscribe header of this message. If you cannot see it,
> e-mail mysql-unsubscribe@stripped instead.

-- 
Sasha Pachev
http://www.sashanet.com/ (home)
http://www.direct1.com/ (work)
Thread
Database managementMark Pors15 Jun
  • Re: Database managementSasha Pachev15 Jun
    • secure transmission to an unsercure site (off-topic)webmaster16 Jun