MySQL Forums
Forum List  »  Security

InterNet Facing MySQL 5.5 Server
Posted by: Matt Lager
Date: April 25, 2011 10:54PM

I've developed a project in .NET that will be "cloud" based storing and retrieving all of it's information from a central Internet based MySQL server. The Connector.NET components are used, and all logins utilize the REQUIRE SSL flag on their grant statements. All certificates (PFX) are coupled with a 32 character certificate password, along with a standard MySQL username and password. The username, passwords, and keys are stored in an encrypted fashion along side the .NET app. This is an installable app, not a web based app.

It's not really a form app, so there isn't users entering data that gets stored, so injection attacks are minimal, it's more of a way for the app to get information, link up to local data that they have, as well as provide a simple file distribution method by storing files in BLOBs.

I've seen too much talk about NOT allowing a MySQL server to face the net, and where possible, access is restricted by host, but in some cases mobile users will have a @%.

So my question is, keeping in mind that the server itself must be secure, mysql must be secured using SSL and strong passwords, and the application must be secure, do I have a false sense of security? With all of the urgency to shut MySQL off from the world, it would seem that people think port 3306 open on the net is an easy target, but I think that can be done safely.

Comments? Suggestions? Love to hear what other people think, because MySQL can power some really cool stuff, and essentially can be "the cloud".

Cheers!

Options: ReplyQuote


Subject
Views
Written By
Posted
InterNet Facing MySQL 5.5 Server
3345
April 25, 2011 10:54PM


Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.