Vulnerability Development mailing list archives
Re: Weakness of static addr & MySQL database
From: jkinney () TELLER PHYSICS EMORY EDU (Jim Kinney)
Date: Thu, 20 Apr 2000 14:07:06 -0400
think of it this way: A static IP implies a specific machine. A specific machine can be placed behind a physically locked door. Only certain people have the keys to that door. So that adds another layer of security to the admin portion of the database. I require that the admin be on the console of the database machine. This prevents any access for dropping databases from over the wire. I can submit admin jobs as perl scripts than run from cron using this. Also, I can ssh into the machine and admin from remote. The key thing is to limit password exposure onthe wire. JimK "Tompkins, William A" wrote:
Could you please provide an opinion on the requirement for static addresses and the MySQL database. Assuming that the sysadmin meets all of the other security requirements, what part is the static address assignment going to play in the security of access? Regards, William Tompkins, CISSP, CRP, CBCP Manager of Information Security Univ. of Tx Health Science Center at San Antonio 210-567-2308
-- Jim Kinney Educational Technology Specialist Physics Department 404-727-4734 Emory University jkinney () teller physics emory edu
Current thread:
- Re: History Files, (continued)
- Re: History Files Michael Jennings (Apr 16)
- Cooments on the dvwssr.dll vulnerability threads Iván Arce (Apr 17)
- Re: History Files Senior Systems Administrator - Kris W. (Apr 16)
- Re: History Files chris () STRICTLY NOSUCKAZ NET (Apr 15)
- quick dirty and most of all-easy process accounting via lkm Security Team (Apr 16)
- Re: History Files George Dodd (Apr 18)
- Re: History Files Perly (Apr 19)
- Re: History Files joyce (Apr 19)
- non-exec stack Lamagra Argamal (Apr 19)
- Weakness of static addr & MySQL database Tompkins, William A (Apr 20)
- Re: Weakness of static addr & MySQL database Jim Kinney (Apr 20)
- Re: History Files Jeff Bachtel (Apr 15)
- Re: History Files Ron DuFresne (Apr 15)
- Re: History Files Erik Fichtner (Apr 15)
- Re: History Files Scott D. Yelich (Apr 19)