On Wed, 18 Jul 2007 16:38:28 -0400 David Boyes said: >> I would like to know if anyone has anything positive or negative >> to say about having a database port open on a public network. > >Don't do it without SSL protection or other additional armoring >techniques like restricting the IP addresses that can connect to it if >you care at all about the validity of the data you receive via that >database. Hostiles will a) find it, and b) misuse it.=20 >
For this application, the clients who come in over the Internet will not have static addresses. The only thing I can think of here is SSL client certificates. Did you have any other things in mind when you said 'additional armoring'? Thanks. Aria. >If you've taken the time to do the additional protections, then it works >very reliably, even from Windows clients.=20 > >> Is anyone using MySQL server with SSL secure connections. The binary >> for the server as available on SLES 10 was not built with the SSL >> support. Has anyone built MySQL on zLinux with SSL support included? > >It works, but is somewhat difficult to build in that the package has a >lot of dependencies. If you're comfortable building from source RPMs, >it's not too bad, but it will take you a while to get all the moving >parts put together.=20 > >---------------------------------------------------------------------- >For LINUX-390 subscribe / signoff / archive access instructions, >send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit >http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
