Archive for October, 2007

Chapter 12. Security 323: MySQL Authentication and

Monday, October 22nd, 2007

Chapter 12. Security 323

MySQL Authentication and Privileges

Prior to getting down to the dirty business of working with users, I believe it is necessary to give an overview of the MySQL authentication system. This includes the stages of authentication as well as the privileges that can be granted and revoked. (This also gives me another chance to get on a soapbox about passwords.)

Overview of MySQL authentication

The MySQL privilege system works on a number of levels prior to allowing access to the server. Unlike systems where simply a username and password are examined to determine access, MySQL uses the username, password, and host to determine access level for the database. MySQL uses a two-stage process for determination of your access level: the connection level and the process level. Using these two levels, in two sequential steps, the MySQL server determines:

- Whether you are allowed to connect at all.
- Whether you have privileges to perform the requested operation or statement.

During the first stage, which I will refer to as the Connection Stage, the MySQL server combines the user and host provided as credentials and determines if the given combination is allowed to connect with the given password.

1. The first phase of the Connection Stage combines the host, user, and password columns from the user table of the MySQL grants database. If no database is included in the connection request, access is granted or denied at this point. The host column within the grants database can contain any valid hostname, IP address, or localhost. In addition, the wildcards % and _ are valid, as are netmask values. For all hosts, the % wildcard can be used. For example, username@192.168.1.% would grant access to username from any address within the 192.168.1.0/24 range. This is the same as username@192.168.1.0/255.255.255.0. If given username@%, then username at any host would be allowed. If a database is included within the connection request, the second phase begins.

2. The second phase of the Connection Stage of authentication is to verify credentials for the database. This phase is performed against the db table of the MySQL grants database. The db table is examined for host, database, and user. If access to all databases is granted to the user, this stage automatically passes; otherwise access is granted or denied, depending on the information in the db table.
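The two-phase Connection Stage described above, modelled in Python as an added example (this is not code from the book). The user and db table rows are constructed inline; the password column holds plain strings here, whereas a real server stores a hash; and the specificity ordering (literal hosts before wildcard patterns, longer literals first) is a simplification of the server's own sort order. Host patterns cover the three forms the chapter names: a literal host or localhost, a % / _ wildcard pattern, and an address/netmask pair.

```python
import ipaddress
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class UserRow:
    """One row of the user table (constructed; passwords are plain text here)."""
    host: str
    user: str
    password: str
    all_dbs: bool = False   # global access to every database: db table is skipped


@dataclass(frozen=True)
class DbRow:
    """One row of the db table."""
    host: str
    db: str
    user: str


def host_pattern_matches(pattern: str, client_host: str) -> bool:
    """Does a host-column pattern match the host the client connected from?"""
    if "/" in pattern:
        # Netmask form: 192.168.1.0/255.255.255.0 covers the 192.168.1.0/24 range.
        net_addr, mask = pattern.split("/", 1)
        try:
            client = ipaddress.IPv4Address(client_host)
            network = ipaddress.IPv4Network((net_addr, mask), strict=False)
        except ValueError:
            return False        # a hostname never matches a netmask pattern
        return client in network
    # Wildcard form with SQL LIKE semantics: % = any run of characters,
    # _ = exactly one character. A pattern with neither is a literal host.
    regex = "".join(
        ".*" if ch == "%" else "." if ch == "_" else re.escape(ch)
        for ch in pattern
    )
    return re.fullmatch(regex, client_host, flags=re.IGNORECASE) is not None


def _specificity(host: str):
    """Sort key: literal hosts before wildcard patterns, longer literals first."""
    wildcard = "%" in host or "_" in host
    literal_chars = sum(1 for ch in host if ch not in "%_")
    return (wildcard, -literal_chars)


def connection_stage(user_table, db_table, client_host, user, password, database=None):
    """Phase 1 checks (host, user, password); phase 2 runs only if a database was named.

    Returns "denied", "connected" (no database requested) or "connected+db".
    """
    candidates = [
        row for row in user_table
        if row.user == user and host_pattern_matches(row.host, client_host)
    ]
    if not candidates:
        return "denied"
    # The most specific matching row decides. A wrong password for that row
    # denies access even when a less specific row (e.g. user@%) would accept it.
    best = min(candidates, key=lambda row: _specificity(row.host))
    if best.password != password:
        return "denied"
    if database is None:
        return "connected"
    if best.all_dbs:
        return "connected+db"   # access to all databases: db table not consulted
    for row in db_table:
        if (row.user == user
                and host_pattern_matches(row.host, client_host)
                and host_pattern_matches(row.db, database)):
            return "connected+db"
    return "denied"


# Constructed grant tables used by the checks below.
USER_TABLE = [
    UserRow("localhost", "webuser", "pw-local"),
    UserRow("192.168.1.%", "webuser", "pw-lan"),
    UserRow("%", "webuser", "pw-any"),
    UserRow("192.168.1.0/255.255.255.0", "admin", "pw-admin", all_dbs=True),
]
DB_TABLE = [DbRow("192.168.1.%", "dummydb", "webuser")]
```

Two consequences worth seeing in the model: a client at 192.168.1.42 presenting the password of the webuser@% row is refused, because the more specific webuser@192.168.1.% row is the one evaluated; and when the server runs with hostname lookups disabled, the client host is only ever an IP address (localhost aside), so rows whose host column is a name stop matching.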

322 Part III. Administration: Figure 12-14: The

Sunday, October 21st, 2007

322 Part III. Administration

Figure 12-14: The remaining output from the SHOW PROCESSLIST statement as produced by the MySQL CLI HTML switch

The final step, though optional, is to schedule the script to run automatically. How often you schedule the script depends on how busy your server is and how often you want fresh output. Using cron in Linux, I schedule the script to run every 15 minutes, as shown in Figure 12-15.

Figure 12-15: Scheduling the monitoring script to run every 15 minutes by using the cron command in Linux

Chapter 12. Security 321: Caution: Be sure

Saturday, October 20th, 2007

Chapter 12. Security 321

Caution: Be sure to control access to the script. It contains the password for one of the users on your MySQL server.

You could get fancy and use a concatenating redirect of the output to place the output of both commands in one file. Adding the output into one file gives you one place to monitor. You could also create another script to produce output at opposite intervals; thus you could monitor changes in the variables over time. The output from either script is shown (as viewed through a Web browser) in Figures 12-13 and 12-14.

Figure 12-13: The output from the SHOW STATUS statement, as produced by the MySQL CLI HTML switch

320 Part III. Administration: Figure 12-11: A

Friday, October 19th, 2007

320 Part III. Administration

Figure 12-11: A shell script for creating two Web pages to monitor MySQL server information

Figure 12-12: A Perl script for creating two Web pages to monitor MySQL server information. This script can be run on any system that has Perl, including Windows and Mac OS X systems, by changing the location of Perl at the top of the script.

On the CD-ROM: Both these scripts are included on the CD-ROM.

Chapter 12. Security 319: Figure 12-10: Adding

Thursday, October 18th, 2007

Chapter 12. Security 319

Figure 12-10: Adding a user to the MySQL database server

6. Since you're creating Web pages with status information, the user doesn't need any extra privileges. The following command simply creates the user on the database server (but does not give the user privileges such as SELECT, INSERT, DELETE, or the like):

GRANT USAGE ON dummydb.* TO Webuser@localhost IDENTIFIED BY '34vh21z';

Note: The FLUSH PRIVILEGES statement is not necessary when you're using the GRANT statement.

Creating the script that makes the Web pages

With the Web server and access method ready, you can create a script for producing the actual Web pages. The script itself can be a simple shell script (which Windows users know as a Windows script), or it can be done in another language such as Perl. The concept for the script is simple: run the MySQL CLI command mysql in batch mode, use the -H switch to produce HTML output, and redirect that output to a file. Figures 12-11 and 12-12 show examples of simple scripts to check the status of the server via the SHOW STATUS statement and also to look at the processes running on the server via the SHOW PROCESSLIST statement. Figure 12-11 is a simple shell script; Figure 12-12 is a script written in Perl.

Note: You will probably need to change the paths to both the MySQL CLI and the directory in which you want to produce the HTML output from the script.
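The script concept just described (run the mysql CLI in batch mode with the -H switch and redirect the HTML to a file in the protected directory), written in Python as an added example; it is not one of the book's scripts. It also addresses the chapter's caution about the password living inside the script: the credentials sit in a separate MySQL option file handed to the client with --defaults-extra-file, and the job refuses to run if that file is readable by other accounts. The CLI path, the output directory, the option file location and the user name are assumptions.

```python
import os
import stat
import subprocess
import sys
import tempfile
from pathlib import Path

MYSQL_CLI = "/usr/bin/mysql"                      # assumed location of the CLI
OUTPUT_DIR = Path("/var/www/html/mysqlmonitor")   # assumed .htaccess-protected directory
OPTION_FILE = Path.home() / ".mysqlmonitor.cnf"   # assumed; holds the credentials

# Constructed contents of OPTION_FILE (mysql reads the [client] group):
#   [client]
#   user=webuser
#   password=...
#   host=localhost

PAGES = {
    "status.html": "SHOW STATUS",
    "processlist.html": "SHOW PROCESSLIST",
}


def mode_is_private(st_mode: int, st_uid: int, uid: int) -> bool:
    """True if the file is owned by uid and has no group/other permission bits."""
    return st_uid == uid and (st_mode & (stat.S_IRWXG | stat.S_IRWXO)) == 0


def option_file_is_private(path: Path) -> bool:
    """The check the caution calls for: nobody but the job's account may read the password."""
    try:
        st = path.stat()
    except OSError:
        return False
    return mode_is_private(st.st_mode, st.st_uid, os.getuid())


def build_command(statement: str) -> list:
    """argv for one batch-mode run of the CLI producing HTML (the -B, -H and -e switches)."""
    return [
        MYSQL_CLI,
        f"--defaults-extra-file={OPTION_FILE}",   # must be the first option
        "--batch",                                # non-interactive output
        "--html",                                 # wrap the result set in an HTML table
        "--execute", statement,
    ]


def write_page(target: Path, html: str) -> None:
    """Write via a temporary file and rename, so the Web server never serves a half-written page."""
    target.parent.mkdir(parents=True, exist_ok=True)
    fd, tmp = tempfile.mkstemp(dir=target.parent, prefix=".tmp-")
    with os.fdopen(fd, "w") as fh:
        fh.write(html)
    os.chmod(tmp, 0o644)
    os.replace(tmp, target)


def main() -> int:
    if not option_file_is_private(OPTION_FILE):
        print(f"refusing to run: {OPTION_FILE} must be owned by you and mode 0600",
              file=sys.stderr)
        return 2
    for filename, statement in PAGES.items():
        result = subprocess.run(build_command(statement), capture_output=True, text=True)
        if result.returncode != 0:
            print(result.stderr, file=sys.stderr)
            return 1
        write_page(OUTPUT_DIR / filename, result.stdout)
    return 0


if __name__ == "__main__":
    sys.exit(main())
```

Scheduled with cron every 15 minutes as the chapter suggests, the crontab entry would be `*/15 * * * * /usr/local/bin/mysqlmonitor.py` (an assumed path). One caveat on the USAGE-only grant: SHOW PROCESSLIST shows other accounts' threads only to a user holding the PROCESS privilege, so with USAGE alone the process page lists the monitoring user's own connection.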

318 Part III. Administration: The user that

Wednesday, October 17th, 2007

318 Part III. Administration

The user that you add for htaccess does not need to be a system user or exist on the system in any way except in the password file for htaccess. The following command creates the password file (as specified in the .htaccess file) and adds a user called suehring to the access file (as shown in Figure 12-9):

htpasswd -c /var/lib/apache/.htpass suehring

Figure 12-9: Using the htpasswd command to create the password file specified in the .htaccess file and adding a user called suehring to the password file

Note: The password file for .htaccess should not be in a publicly available directory. In addition, adding a user to the password file for htaccess does not affect the user's rights on the system, if any.

4. Now add a user to the MySQL database to retrieve the information for the Web pages. To accomplish this, create a fake database and give the user access to the database. Creating a fake database enables you to have a user on the database server with only a bare minimum of privileges, and then only on a database that holds no tables or data. You can use the mysqladmin command to create the fake database, do so from inside the CLI, or however you'd like. The command looks like this:

mysqladmin -p create dummydb

5. With the fake database in place, you can add the user to the database server (normally done via the MySQL CLI, as shown in Figure 12-10).

Chapter 12. Security 317: Note: Using these

Tuesday, October 16th, 2007

Chapter 12. Security 317

Note: Using these pages, the administrator can monitor the MySQL server's performance. This can save time and make it so other administrators can monitor the MySQL server without having to know the backend commands for MySQL administration. You should protect these Web pages via effective passwords; unauthorized access to them is especially dangerous.

A requirement for viewing a dynamic monitoring Web page on a network is to get a Web server running. This does not have to be the same physical machine as the one that houses the MySQL server. If the machines are separate, you will need to automatically transfer the resulting output from the MySQL commands to the Web server. The following example processes are performed in Linux, running an Apache Web server. (Your version of Linux may vary slightly from the one shown here.)

Creating the fake database

The steps involved to produce a MySQL monitoring Web page are as follows:

1. Make a publicly available directory to hold HTML output, using this command:

mkdir mysqlmonitor

2. Create a password method to prevent unauthorized access to the directory; the .htaccess file is a useful example, and Figure 12-8 shows how to create one.

Figure 12-8: Creating a .htaccess file within the mysqlmonitor directory to prevent unauthorized access to the MySQL monitoring Web pages.

3. With the .htaccess file in place, you must create a password file to accompany the .htaccess file. The name of the file is specified in the .htaccess file.

316 Part III. Administration: Check all

Monday, October 15th, 2007

316 Part III. Administration

- Check all values for length.
- Check all values to make sure they contain no unexpected characters.

These tips may seem like common sense, but you might be surprised at how many applications don't check for errors in the data, or give incoming data only a glance.

Cross-Reference: Later in this chapter, I show how to add users to the database. Armed with this information, you can then add a least-privileged user account that you can use to connect to the database from applications. Thus, even if you miss a step in error checking (or someone finds a way around error checking), the damage is minimal.

Disabling DNS

One method of attacking a server or manipulating data is to masquerade as a trusted server or client in a MySQL client-server exchange. This type of attack is possible against all applications that utilize Domain Name System (DNS) data, not just MySQL. By posing as a trusted or known host, the attacker can potentially gain an inappropriate level of privileges.

For a DNS attack to occur, the attacker must be able to alter the DNS data on one of the resolvers for your MySQL server. For example, if you have 192.168.1.1 set as a DNS server for your MySQL server, the attacker must alter the DNS data on 192.168.1.1 and send back false information about hosts in your MySQL communication. An attacker could also spoof packets within the communication and pretend to be 192.168.1.1. If DNS data is altered or untrusted, an attacker could also pretend to be a trusted host, because the host is part of the MySQL authentication scheme.

DNS attacks are not limited solely to the server. A DNS attack could be performed against a client as well. In a client attack, false information is passed to the client and a fake MySQL server poses as the real server (thus getting authentication information as well as the data being passed from client to server).

Tip: To prevent a DNS attack from being successful, you can turn off hostname lookups in MySQL. All connections will then be based on IP address, with the exception of localhost connections. To disable DNS use from MySQL, start mysqld with the command-line switch --skip-name-resolve. You can also add skip-name-resolve to the MySQL configuration file.

Dynamic MySQL monitoring Web pages

Using the HTML function of the MySQL CLI, you can create a Web page with server information. With a scheduler such as cron, you could then create the Web page at regular intervals to monitor the performance of the MySQL server. The resulting Web pages won't win awards for design, but they will produce useful information for administration of the MySQL server.

Chapter 12. Security 315: Figure 12-7: Changing

Sunday, October 14th, 2007

Chapter 12. Security 315

Figure 12-7: Changing the port that the MySQL server listens on can help to hide the server from a curious person.

Monitoring data sent to MySQL

When data is entered into a database from applications, especially those that allow users to type in their own values, you must check the data for errors and other anomalies. It is the responsibility of the developer to ensure that data sent to the MySQL server is clean and free from error. The errors occur from two sources:

- A malicious attack: With intentional attacks on the application and database, the attacker may attempt to escape DDL statements into the application. There are simple methods for preventing this type of attack, including a least-privileged user and data cleansing.
- Normal users: Sometimes normal users of an application are more dangerous than a would-be attacker. Regardless of how many notes and documents you create for use of the application, inevitably someone will innocently enter an illegal value. The developer must account for these errors and provide some feedback to the user via error messages or regular beatings.

As an administrator, you should attempt to make sure that the developer understands what is needed from the database side to make sure the data is safe. This includes working with the developer on the design of the database and tables within the database so that the incoming data is of the proper length and type for the column. Just as important is making sure the developer performs necessary cleansing of inputted data. These steps can be enumerated as items that the administrator and developer must work on together:

- Use a least-privileged user for connections from the application to the database, or use more than one user: one user for inserts and updates, one for selects.
- Check all values to ensure that they are in the expected format, string or number.

314 Part III. Administration: that you have

Saturday, October 13th, 2007

314 Part III. Administration

that you have a MySQL server unless he or she uses other methods for fingerprinting the server on another port. Fingerprinting a MySQL server is possible. A curious person could open connections on random or sequential ports and see a familiar signature or fingerprint, thus discovering your MySQL server. In Figure 12-6, I have the MySQL server set to listen on port 5150. Then, by simply telnetting to that port, I can see a repeatable pattern.

Figure 12-6: Telnetting to a port that MySQL listens on shows a definite fingerprint indicating that it is indeed a MySQL server.

Notice, in Figure 12-6, that the pattern is always the same. The beginning of the session opens with a left parenthesis followed by a line feed. Then a pattern of digits is shown, followed by eight characters. Each time I telnet to the server, the pattern repeats. Now I know not only that there is a MySQL server on this host but also what version of the server is running, as indicated by the digits.

As you can see, simply changing the port will not stop an ambitious attacker. The speed and triviality with which an attacker could scan 65,000 ports for a MySQL server makes changing the default port somewhat of a moot point. However, I still believe that changing the default port can serve a purpose to discourage the casual onlooker or curious person. To change the default port that MySQL listens for TCP/IP connections on, add the line port = N to the appropriate section of the MySQL configuration file. For example, in Figure 12-7 that section is shown from an example server configuration file. (Note that the port number has been changed for the server.)

Note: For the sake of security, you must change any applications, including the MySQL CLI, so they connect via the alternative port number.