Results 1 to 6 of 6

Thread: mysql exploit

  1. #1
    Join Date
    Jan 2004
    Location
    <<Canada>>
    Posts
    734

    mysql exploit

    Can someone recommended me some one with knowledge of mysql exploit or mysql injection, it seem to our VB forum have issue with database load..
    <<< Please see Forum Guidelines for signature setup. >>>

  2. #2
    Greetings:

    Is the server in question secured?

    Is the server in question receive regular (no less frequently than monthly) updates to keep the server secured?

    Do you have mod_security installed?

    Have you reviewed your mod_security rules to see if they can be adjusted?

    Is the application getting the injections (which are most likely occurring from the web browser to the web server to the mysql server) updated to the most up to date and stable version?

    Thank you.
    ---
    Peter M. Abraham
    LinkedIn Profile

  3. #3
    Join Date
    Aug 2003
    Location
    Gods Own Country
    Posts
    869
    My suggestion is to setup mysql securely and follow secure coding methods/standards while coding the applications to avoid mysql injection or mysql exploits.


    Check these links
    http://www.linux.com/articles/54798
    http://mysqlsecurity.com/
    http://www.webmasterworld.com/forum10/9688.htm

    Hope it will be of some help
    Blessen Cherian
    Follow me on twitter.com/blessenonly
    Over a decade plus in the Hosting Industry

  4. #4
    Join Date
    Nov 2001
    Location
    Ann Arbor, MI
    Posts
    2,978
    Yeah, use secure coding methods when rewriting VBulletin.

    I wouldn't blame load problems on SQL injection. The symptoms of SQL injection would be data being modified or accessed without intended permission.

    You probably only need a sysadmin knowledgeable in optimizing the database server.
    -Mark Adams
    www.bitserve.com - Secure Michigan web hosting for your business.
    Only host still offering a full money back uptime guarantee and prorated refunds.
    Offering advanced server management and security incident response!

  5. #5
    Join Date
    Dec 2006
    Posts
    477
    Load problems in forums that aren't from the pure weight of traffic typically come from the extensions/add-ons.

    The programmers of these will have made new queries against the database that the database designers weren't anticipating, and the extension programmers rarely think about whether they should also be adding indexes to the database, or modifying their queries to make better use of the indexes already there.

    Setup the slow query log as explained in the mysql manual to see if you have any queries that take a long time to run, then search for them in you forums code. If they are in an extension, consider removing it, or if your SQL is up to it, analysing them to determine how to rewrite the query or add indexes to make it faster.

  6. #6
    Join Date
    Jan 2004
    Location
    <<Canada>>
    Posts
    734
    Thank you every one for this,, I will put your idea in motion...
    <<< Please see Forum Guidelines for signature setup. >>>

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •