in reply to ideas needed to query remote database securely

Mysql can restrict the IP ranges from which it accepts a connection. Even when a 3rd party got a hold of username and password, he likely wouldn't be able to log in to the database, from where he sits.

Actually, in our case, the whole section 4.2, "General Security Issues and the MySQL Access Privilege System", looks to be worth a read.

  • Comment on Re: ideas needed to query remote database securely

Replies are listed 'Best First'.
Re: Re: ideas needed to query remote database securely
by InfiniteSilence (Curate) on Nov 04, 2003 at 19:18 UTC
    bart!!!! Haven't you heard of a man in the middle attack? You cannot guarantee that a client is who you think it is simply by the IP address. You need some form of encrypted key-passing and hashing both at time of initial connection with the foreign party AND for each subsequent packet to ensure security.

    Celebrate Intellectual Diversity

[reply]

In Section Seekers of Perl Wisdom