Security: SSL Connection vs IP Whitelist for a database - mysql

I'm setting up an application on Heroku that uses a MySQL database.
The client would like to use a MySQL database that has an explicit whitelist that allows it to connect. However, due to the dynamic IP nature of Heroku, this proves to be quite complex; we have to use an add-on such as QuotaGuard to provide us a static IP in which we can access the database.
This proxy routing is causing issues for us in other places as other services that use dynamic IPs are attempting to access the database and are failing.
My question is the degree of security a whitelist really provides rather than a complex username/password with SSL.
Has anyone had experience with the two and can speak to the advantages and disadvantages?
Thanks

Allow me to rephrase your question:
What is the advantage of setting up a complex dynamic IP tracker system vs. simply securing the link?
An IP can be spoofed, by the way, so this solution is not that secure (right, such an attack requires some non-trivial black magic, but is quite feasible in fact).
Configuring MySQL for SSL support is really not that complicated and very well documented.
And if you can't recompile or reconfigure MySQL, you can still establish a simple VPN between your client application and your MySQL server (and only allow connections from this VPN).
Unfortunately, I don't know if your provider allows this level of configuration on your instances.
So if all of the above is not possible, you can still create a random 10000-character long password. Not secure enough for a purist, but I wish the hackers good luck :)
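The trade-off discussed in this thread, written as MySQL account definitions. This is an added example, not part of the original answer; the account names, the schema `appdb`, the address 203.0.113.10, the certificate subject and issuer, and the password placeholders are all assumptions.

```sql
-- Constructed example: names, address, schema and certificate fields are placeholders.

-- Option A: IP whitelist only. The host part of the account IS the whitelist.
-- Nothing here encrypts the session, and every new client address needs
-- its own account, which is what breaks with dynamic IPs.
CREATE USER 'app'@'203.0.113.10' IDENTIFIED BY '<long-random-password>';
GRANT SELECT, INSERT, UPDATE, DELETE ON appdb.* TO 'app'@'203.0.113.10';

-- Option B: any source address, but the server refuses the login unless
-- the session is TLS-encrypted.
CREATE USER 'app_tls'@'%' IDENTIFIED BY '<long-random-password>' REQUIRE SSL;
GRANT SELECT, INSERT, UPDATE, DELETE ON appdb.* TO 'app_tls'@'%';

-- Option C: TLS plus a client certificate. The password alone is no longer
-- enough; the client must also present a certificate the server's CA
-- accepts, here narrowed to one subject and issuer.
CREATE USER 'app_x509'@'%' IDENTIFIED BY '<long-random-password>'
  REQUIRE SUBJECT '/CN=app-client' AND ISSUER '/CN=Example DB CA';
GRANT SELECT, INSERT, UPDATE, DELETE ON appdb.* TO 'app_x509'@'%';

-- Server-wide: reject every unencrypted TCP connection (MySQL 5.7.8 and later).
SET GLOBAL require_secure_transport = ON;

-- Audit: accounts that may still log in without TLS have an empty ssl_type.
SELECT user, host, ssl_type FROM mysql.user WHERE ssl_type = '';

-- Check from inside a client session: an empty Value means the session
-- is NOT encrypted.
SHOW SESSION STATUS LIKE 'Ssl_cipher';

-- REQUIRE SSL only makes the server insist on encryption. To detect a
-- man-in-the-middle the client must also verify the server certificate,
-- e.g. the mysql client options --ssl-mode=VERIFY_IDENTITY --ssl-ca=ca.pem
-- (MySQL 5.7.11 and later).
```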

Related

How can I connect a local MySQL database to the IBM Node-Red platform

I am using MySQL Workbench on Windows, which I want to connect to a Node-Red running on the IBM cloud. Since I don't run them on the same server the host 127.0.0.1 and port 3306 does not seem to work. What permissions should I give?
I'm going to make a LOT of assumptions here, because there really isn't enough information in your question.
First assumption, by "running on IBM" you mean that Node-RED is running on the IBM Cloud hosting service.
The short answer is you can not do what you want.
The longer version is that you probably could actually make this work but doing it is a REALLY bad idea.
Second assumption, you are doing this from home (even if you are doing it from an office location the same problems are likely to apply). This means you are connected to a local LAN using RFC 1918 address range (e.g. 192.168.0.x), this means you are behind a router that is performing NAT (Network Address Translation). This means you are going to need to set up port forwarding on the router so that when traffic arrives at the router it will send it on to your Windows machine. How you do this will depend on your router.
Next problem, your broadband probably doesn't have a static IP address which means it will change every time your connection drops. There are workarounds for this using things like Dynamic DNS. But that's too complicated to get into here.
Assuming you get all of that sorted out you still have the problem that you have now exposed your mysql database to the internet, so you need to make sure you have enabled all the right security measures to prevent people logging in and at best seeing all your data.
There are 2 much better solutions to this:
1. Run Node-RED on the same machine or at least on the same local network as the database.
2. Use one of IBM Cloud's hosted database solutions, these are a lot easier to connect to an IBM Cloud instance of Node-RED.
If you do not want to open ports to your network I recommend using a free MySQL remote server.
A simple website is https://remotemysql.com
Just take the screenshot of the credentials of your database after registration.
Keep in mind if your database is empty it will get deleted after some time.

Securing a web server with local MySQL database

I am creating a web service for a small company which will use client authentication and possibly https for a RESTful service. I am asking a very simple question that I hope is not too broad, but I am very new and naive to internet security. What precautions must I take to ensure my data is secure?
To describe my service a bit, users have an account where they place presumably insensitive information and retrieve it from a database using a homemade authentication token I create on successful login with a salted password. I am using an amazon instance where MySQL is local and access is granted remotely to me so I can access it directly from my home. I am using a few php scripts to do my work requesting and adding data and am attempting to protect against injection. I am storing my MySQL credentials in a separate file from the php scripts. I can only ssh into my server with a pem file that I believe is safe.
My biggest fear is that someone will come and delete all of my data. What other precautions must I take? Thanks
If you're using Amazon EC2 then you should make use of their security groups to lock down your MySQL server and ensure that no external access to it is possible.
Application servers have an internal non-routing 10.x type IP that should be used for access control, and any external IPs, like your home network, should be specifically whitelisted if VPN access or SSH tunnelling is not practical, as those two are far easier to secure.
Be absolutely sure that no credentials, configuration files, or keys are stored anywhere in your web root. That is, should you accidentally misconfigure your application server in the worst possible way, with directory indexes turned on and everything, it's not possible to snag anything critical.
You might also want to specifically exclude the downloading of *.inc in case you make a mistake. The idea here is to set up a number of safeguards you'd have to break before things go horribly awry. A single-mistake failure situation is always the result of bad planning.
Above all else, be extremely vigilant about proper SQL escaping to avoid SQL injection bugs as no amount of firewall security on your MySQL server will help you when someone can drive a truck through a mistake in your code and have free rein on the server. It's recommended to thoroughly audit any SQL interfacing code you've written before going live with it.
Be sure to have a proper deployment procedure that uses a version control system. If you ever have an intrusion it's very easy to roll back to a known-good version of the code if you have one. The 1990s style "throw files at server with FTP" deployment approach is hazardous at the best of times and fatal to your business when it goes wrong. Use version control or you're living on borrowed time.

MySQL connection and security

I was wondering if someone could tell me if there are any potential security breaches that could occur by connecting to a MySQL database that does not reside at 'localhost' i.e. via IP address?
Yes, breaches do occur by not protecting the connection to your database. This is a network security question more so than an Application security question. Thus this answer is entirely dependent on your network topography.
If a segment of your network may be accessible by an attacker, then you must protect yourself with cryptography. For instance you have a malicious individual who has compromised a machine on your network, then they can conduct an ARP Spoofing attack to "Sniff" or even MITM devices on a switched network. This could be used to see all data that flows in and out of your database, or modify the database's response to a specific query (like a login!). If the network connection to your database is a single RJ45 twisted connection to your httpd server all residing inside a locked cabinet, then you don't have to worry about a hacker sniffing this. But if your httpd is on a wifi network and then connecting to a database in China, then you might want to think about encryption.
You should connect to your MySQL database using MySQL's built-in SSL ability. This ensures that all data transferred is highly protected. You should create self-signed x509 certificates and hard code them. This is free, and you don't need a CA like Verisign for this. If there is a certificate exception then there is a MITM and thus this stops you from spilling the password.
Another option is a VPN, and this is better suited if you have multiple daemons that require secure point to point connections.
It's usually the other way round that the bigger problem lies, vulnerabilities in the MySQL server being exploited by untrustworthy clients.
However, yes, there have also been client vulnerabilities in the past (eg.) that would allow an untrustworthy server to attack the client.
Naturally you should keep your MySQL client libraries up to date to avoid such possibilities, as well as updating the server.
If your connection to the server is going over the internet (rather than a private network), you should consider running it over an encrypted link (either MySQL's own SSL scheme or using a tunnel). Otherwise any man-in-the-middle could fiddle with the data going in and out of the database, and if there are client or server vulnerabilities those could also be targeted.
If the servers are in the same rack, you can use dedicated high-speed MySQL cable, or use switch VLAN isolation, and protect the database OS. In cloud with the virtual cloud network you can connect it the way that arp spoof is not possible, and for the geo-ip replication, you can use user/password and firewall, and then measure the performance, and then setup a tunnel and measure performance again, if it's not bad, it might be worth against unknown threats or just useful in using spare cpu cycles.
Simply SQL servers have to be on isolated network, and not into the public, as rule of thumb, you never publish open database connection to anyone, and keep it with seriously good firewall filtering on separate subnet made for handling sensitive data with very good arp spoofing protection, otherwise it's crackable and the major parts of the system can be compromised using several techniques, and it's very nice and sometimes very easy to handle it this way, e.g. to control, monitor and policy the MySQL traffic with hardware layer - and it really does the job and makes a real difference.
Optionally you can keep it on encrypted hard-drive in physically safe place along with the switch, so upon breaking the power its switched off, and the private key erased, hence both layer-1 and layer-2 are secured.
On the switch to use the static ARP table plus the filtering for the static entries versus the port is very easy to do because it's also physical layer - the port number.

Have you used any databases only hosting service?

Are there any database only hosting services?
I need a MySQL only hosting service but I couldn't find any. All mysql hostings are part of a package e.g. PHP + MySQL.
I need it for development purposes. Having my PHP files somewhere else I can remotely connect to this MySQL server and once an application is ready I can put that on a server having both PHP + MySQL. [well, there are some reasons to have this kinda setup, if you have something to suggest please do.]
Any suggestion/recommendation if you have used any.
Thanks
The problem with a database-only host would be the security. The database needs to be accessed over the Internet, thus username and password to access it are sent over the Internet. Even though you could add encryption and other protection, there's still a risk that the security is breached.
In general, you should never allow direct access to databases over the Internet! It's a real bad practice, which also explains why it's hard to find.
One way to get around such limitation is by building a web service around your database. In this web service you'll add all the functionality that you need to apply on this database, and the web service itself will keep the database itself protected. There would still be a risk that your web service gets compromised but even in that case, the attacker could never do more damage than the specific web service allows.
Such a web service can be created in PHP, although I myself have more experience with doing something similar with .NET and C# on SQL Server...
I think that you can find hosts with MySQL and PHP cheap enough that it would be easiest for you just to use one of those hosts and only use what you need.
Web Hosting Buzz has a plan for $5.95 (a month) which has unlimited databases, 400GB storage, and 500GB/Month data transfer.
A few weeks after the question was posted, Amazon announced a beta of "Amazon Relational Database Service (Amazon RDS)." It acts like MySQL 5.1.
http://aws.amazon.com/rds/
Seems pricey for what you want, but you never said you were the one who would be paying the bill.
Contract a dedicated server.
Use it only to host your MySQL database
If the server is managed, they should help you with basic MySQL problems as it is usually preinstalled. I use http://www.hostingmatters.com/
If you are just needing this for development purposes for PHP + MySQL why not just install EasyPHP (http://www.easyphp.org/). This installs quickly and easily and I think it's great for development.
I've had no problems installing additional PEAR extensions and such after the fact with this.
There's a free option on Heroku and paid options up from there: https://addons.heroku.com/cleardb
You can try freemysqlhosting.
http://freemysqlhosting.net/

Remote (Non-LocalHost) MySQL Calls... Safe/Recommended for Management Purposes?

I'm new to MySQL and I'm using a desktop DB management app called "Querious" to simplify the process while I learn.
I want to work on (mainly just structure & basic population) a database that's hosted elsewhere, but the host won't allow any remote MySQL calls on their server.
What is their reasoning for restricting MySQL calls to localhost only? Is this a security or a performance concern?
This is a security concern. The idea is that if people can't remotely connect, they have to compromise the system. Not just the files that hold the database information.
You may be able to request that they just add your IP address to a trusted host file, but I doubt they'll do that either.
It's fairly common practice to not allow remote DB connections.
I've run into this problem with GoDaddy where they implement this by default. You can change this, however, by indicating that you want to allow remote access. If you've already created your DB, though, you can't change it, so I would recommend creating a new DB and deleting your other one.
The reason why is for security. If only your app can call your DB, you don't have to worry about other people trying to access it.
Distill,
An improperly-configured MySQL instance is dangerous, whether the user is remote or local. This could allow malicious attackers to cause crashes or remote execution of arbitrary code (i.e., owning the machine).
You can use PuTTY to create a tunnel if it's allowed by the server so that your application traffic goes through ssh and then is forwarded to the correct port on localhost.