
Thread: Mysql attacked

  1. #1
    Join Date
    Apr 2005
    Location
    Singapore
    Posts
    302

    Mysql attacked

    My MySQL server is being attacked heavily through one site on my server, and it makes the whole server load extremely high, up to 120, and memory usage up to 90%.
    My server is a dual Opteron 244 with 4GB RAM.
    Any idea how to prevent a MySQL attack?

  2. #2
    Join Date
    Oct 2004
    Location
    Kerala, India
    Posts
    4,743
    Can you make it a little more clear? Is it like the connections are not properly closing?
    A poorly coded script can cause this. A little more explanation is appreciated.

  3. #3
    Join Date
    Apr 2005
    Location
    Singapore
    Posts
    302
    Somebody is attacking my server's SQL remotely, so that none of the queries can be completed.

  4. #4
    Join Date
    May 2004
    Posts
    448
    Are they attacking the mysql server directly or using one of the insecure php scripts you have in your server?

    If it is the former case, make sure that you don't have wild card entries under the hostname allowed for the database. If it is through some insecure php scripts, update the scripts, tighten php by disabling dangerous functions and install mod_security. These will add extra layers of security.

    If you do not know how to do it, hire some good admin to do it.
    Geeks4Help.com - leader in world class security and server management
    With us in control of your servers, you can have your full night's sleep.

  5. #5
    Join Date
    Apr 2005
    Location
    Singapore
    Posts
    302
    They are attacking through the search page of a phpBB forum.

  6. #6
    Are you aware of SQL injection?

    For example, "SELECT * FROM Customers WHERE Name=" + variable is the format in which you write your business logic, and if somebody passes variable as "'xyz'; delete from Customers", your entire query becomes

    "SELECT * FROM Customers WHERE Name='xyz'; delete from Customers"

    which is how someone can use the search module, or any of your modules, to inject more dangerous SQL and harm your server. Make sure the phpBB forum is free of SQL injection, or if it's not, disable the search until you resolve this issue.
    - Akash Kava
    My Blog
    Web Atoms JS
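
The concatenated query from post #6 next to a parameterized form of the same search, as an added example that is not code from the thread or from phpBB. It assumes an in-memory SQLite database in place of MySQL, a constructed two-row Customers table, and uses `executescript()` as a stand-in for a database API that accepts several statements in one string.

```python
import sqlite3


def make_db():
    """Build an in-memory stand-in for the Customers table (constructed data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE Customers (Name TEXT)")
    db.executemany("INSERT INTO Customers VALUES (?)", [("xyz",), ("abc",)])
    db.commit()
    return db


def count_rows(db):
    """Number of rows currently in Customers."""
    return db.execute("SELECT COUNT(*) FROM Customers").fetchone()[0]


def search_concatenated(db, variable):
    """Pattern from the post: the input is pasted into the SQL text."""
    query = "SELECT * FROM Customers WHERE Name=" + variable
    # The database parses whatever the final string contains, so any
    # statement carried in `variable` is run as SQL.
    db.executescript(query)
    return query


def search_parameterized(db, variable):
    """Hardened form: the SQL text is fixed and the input is bound as a value."""
    sql = "SELECT * FROM Customers WHERE Name = ?"
    return db.execute(sql, (variable,)).fetchall()


def demo():
    """Run both forms on the input quoted in the post and report the table size."""
    value = "'xyz'; delete from Customers"
    concatenated_db = make_db()
    search_concatenated(concatenated_db, value)
    parameterized_db = make_db()
    matches = search_parameterized(parameterized_db, value)
    return count_rows(concatenated_db), count_rows(parameterized_db), matches


if __name__ == "__main__":
    print(demo())
```

With the bound parameter the whole input is compared against Name as a literal string, so it matches nothing and the table keeps both rows.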

  7. #7
    What phpBB version are you running? I would suggest you install mod_security, as geeks4help suggests, and insert some rules that will help you eliminate the problems.
