
I'm having a discussion with a software developer in my circle. He is using direct MySQL connections for a piece of software. There is no PHP/SSH/whatever bridge involved in the communication, neither at startup, nor while running, nor before logging out. The software goes from account login to management and so on.

As you may know, the account data can be read out by some hacking software, e.g. Cheat Engine. That's the point we discussed after I created a web-based read-only interface for some data from this database. There is no security, and everyone could just access it and do what they want with the data (mail addresses, passwords: sadly just MD5).

Now he told me that he configured the firewall and MySQL server so that he gets mails about non-software accesses (like my web interface) to this database, and an automatic backup. Now he is crying about a broken firewall and an overwhelmed mail server.

Edit:

It's a Debian-76-wheezy-64-LAMP

My question is: Is this possible?

My view on this: No, it's not, as the client (with around 40 users) always has a different IP and is logging in to the same MySQL account as my web interface. He is using that tactic to disallow complaints about the mentioned security issues.

I appreciate any help on that question.



  • I would appreciate it if you mentioned the OS platform you are running. Commented Nov 7, 2014 at 19:15
  • Anyway, if you have Linux then use iptables, or on any Unix/Linux platform use the hosts.allow & hosts.deny files, where you can allow or disallow specific IPs, ports, services etc. Commented Nov 7, 2014 at 19:18
  • Yes. What came to my mind: Is there a special MySQL packet flag that can be analyzed by the firewall and is not sent by mysqli but by libmysql.dll? Commented Nov 7, 2014 at 19:35
  • You know who the authentic users are, using some authentic port. Allow those users & ports. Commented Nov 7, 2014 at 19:40
  • The problem is that the MySQL account is always exactly the same and the port is always 3306 (the MySQL daemon's default). Commented Nov 7, 2014 at 19:44

1 Answer

I don't know which OS platform & version you are using, but TCP Wrappers can help.

Edit your /etc/hosts.allow file

# First allow all local connections
ALL: 127.0.0.1

# Allow ssh access to these IPs; this is important as you need to allow some users to log in via ssh
sshd: 1.1.1.1
sshd: 2.2.2.2

# Change the above IPs to your needs; then only those will have ssh access

# Allow mysqld access, i.e. port 3306, to limited users
mysqld: 1.1.1.1
mysqld: 2.2.2.2

# Change the above IPs to your needs; then only those will have mysqld access

In /etc/hosts.deny

ALL:ALL
# This will deny everything else

In the hosts.allow file you can add other services like proftpd, httpd, sendmail, give access to only limited users & have some better control.
