ok this is a different ball of wax altogether :-) We do use ssh
instead of ftp to prevent network sniffing of data, but i am not even
looking at this yet how to prevent someone from sniffing the connection and
stealing stuff. We use oracle. But that is an interesting link thanks. We
will have to solve this problem eventually as well, but for now we are
presuming it is all on an internal net so it is pretty secure in that
regard.
-Dave
-----Original Message-----
From: Mike(mickalo)Blezien [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, December 11, 2001 3:28 PM
To: [EMAIL PROTECTED]
Cc: Dave Feinberg
Subject: Re: security and dbi
On Tue, 11 Dec 2001 14:26:06 -0600, [EMAIL PROTECTED] wrote:
>>
>>Being a newbie I am not sure what I am doing is the best way BUT it works
>>for us. I create accounts with ONLY the access the accound needs. I have
>>no 'system wide' accounts. If the username/password is used for reporting
>>(as most of mine are) they get only the ability to read data not modify
it.
>>If the user (script) needs to modify it, I have the user enter a password.
>>I use this as an audit trail.
>>
>>My $0.02.
Not sure if this will help, but you may want to check out:
http://www.mysql.com/doc/S/e/Secure_connections.html
for connecting to MySQL securely.
Mike(mickalo)Blezien
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Thunder Rain Internet Publishing
Providing Internet Solutions that work!
http://www.thunder-rain.com
Tel: 1(225)686-2002
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
