The database is the basis of e-commerce, finance, and ERP systems, usually saved important business partners and customer information. Most enterprises, organizations, and government departments are stored in various databases, they use these databases to save some personal information, and also master sensitive financial data. However, the database usually does not have emphasizable in security as an operating system and network. The data is where companies, the lifetime of organization, so selecting a secure database is critical. Large websites generally use Oracle or DB2, while most of the small and medium-sized websites use more flexible and compact MSSQL databases or MySQL databases. So, under the same conditions, micro-soft MSSQL and free mysql which are more secure?
I have installed MSSQL and MySQL with the administrator account by default to test their security in the same case. My system is configured as follows: Operating system Microsoft Windows 2000 Version 5.0, installs SP4, FTP services, and IIS services, support ASP and PHP. There is only one administrator account admin, and the guest account is not disabled.
1. System internal security analysis
1.Mysql database permissions control problem
MySQL's permission control is based on the mysql database called authorization form, including six table Columns_Priv, DB, FUNC, HOST, TABLES_PRIV, and User. First use the desc user command to view the structure of an uncommon User table to query the content, now you can view his permissions set. Use the command select host, user, password, delete_priv, update_priv, drop_priv, update, the result is a more dangerous permissions, the results are as follows: mysql> SELECT HOST, User, Password, Delete_Priv, Update_Priv, Drop_Priv from User; ----------- ------ ------------------ ---------- - ------------ ----------- | Host | User | Password | delete_priv | Update_priv | Drop_Priv | -------- --- ---- ------------------------------ ------ ------- ----------- | localhost | root | 0e4941f53f6fa106 | Y | Y | Y | |% | ROOT | | Y | Y | Y | | | | | Y | Y | Y | |% | | | N | n | n | ------------------------------- ----- ------------ ------------- --------- 4 ROWS IN SET (0.00 sec) Article 1 means that the machine is logged into the password in this unit, with the delete record, modify the record, delete table, etc., which is safe. Article 2 means that in any host uses root without a password, there is a delete record, modify a record, and delete a table. Article 3 means that the local anonymous login is logged in, and has the authority such as deletion record, modification, and delete tables. The last article indicates that any host is anonymous, but there is no permission. Obviously, second, third, four are not safe! The second note is not to say, in terms of article 3, even if you are guest permissions locally, you can also log in to the MySQL database and have all permissions. In this way, you can do whatever you want to. Workaround: If you don't need remote maintenance, remove the second, delete from user where host = "%" and user = "root"; or add a strong password. Delete Article 3, delete from user where host = "localhost" and user = ""; 2. Mysql installation directory
MySQL is installed by default to C: / MySQL, but the default is EVERYONE fully controlled, due to the inheritance of the permissions, C: / MySQL pair EVERYONE is also fully controlled, apparently is not safe. Because malicious users can delete important data files. Workaround: Reset access to the mysql directory. Or install MySQL to another directory, if you move MySQL to D: / MySQL, you must use D: / MySQL / BIN / MySQLD --BASEDIR D: / MySQL to start mysqld, and even modify its configuration file. 3. MSSQL database permissions control problem
The permission control of the MSSQL database is based on the Master library's syslogins table. The account with all permissions is SA, and there are also different permission accounts such as Sysadmin, DB_OWNER. However, the default password of the MSSQL database's highest authority account will be empty, so if it is not paying attention, it will bring devastating disasters to the data. Malicious attackers can modify, delete all data, more importantly, the MSSQL account can utilize the extension execution system command. Workaround: Regularly check all login accounts to see if there is a password that does not meet the requirements. Use master select name, Password from syslogins where password is null command checks if there is a space password account. Delete storage extensions as much as possible to prevent local users from using storage expansion to perform malicious commands. The use master sp_dropextendedProc XP_cmdshell command deletes XP_cmdshell extensions.
4. MSSQL installation directory issue
Like MySQL, MSSQL is also installed to the EVERYONE complete control C drive, because of the access control problem, it is best to install a strict privilege control. Moreover, since the MSSQL database is very close to the system, the system administrator can operate the database by selecting Windows authentication without the database password. Therefore, ordinary users may improve their permissions through system vulnerabilities, and destroy the database.
Solution: In addition to strict access limitations, you should regularly check whether SQL Server log checks if there is a suspicious login event, or use the dos command FindSTR / C: "Login" D: / Microsoft SQL Server / MSSQL / log / * . The security of MSSQL is closely combined with the security of Windows systems, and any vulnerability will threaten another security.
Summary, both the system is safely, Mysql and MSSQL have not achieved satisfactory extent, the account is safe, and access to access is not very good. But MSSQL has a detailed log to view the login situation, which is better than MySQL. If a reasonable setting is performed, MySQL is more secure, because in the case of MSSQL, you can have database permissions as long as you have system permissions.
II. External network security analysis
1. Detection of database services
For safety, let the MySQL service run in the inside network, but if your machine has external network interface, MySQL will automatically be bound to the external network, exposed to the Internet, and the system will listen in the TCP 3306 port, very It is easy to find data security by the port scan tool and cannot guarantee data. If by default, MSSQL opens the 1433 port listening of TCP. Although MSSQL can change the listening port, it is easy to know what TCP / IP port used by Microsoft's unapproved 1434 ports can be easily understood. The UDP1434 port sends a 1 byte of the data package that is 02. The detected system returns the installed MSSQL service information, including: host name, instance name, version, pipe name, and port used. This port is Microsoft's own use, and can be changed as default 1433 ports, and 1434 cannot be changed. A typical return information is as follows: ServerName; Sky; InstanceName; Sky; Isclustered; NO; Version; 8.00.194; TCP; 3341; Np; // SKY / PIPE / MSSQL $ XHT310 / SQL / Query; I can find MSSQL The TCP port is changed to 3341, opened the door to the attacker! As long as you will be able to program knowledge, you can write a program that scan the MSSQL service, and the general filtering is difficult to prevent due to the utilization of the UDP port. The AWEN of the heaven wrote a probe, using the C # language, the code is as follows: use system; use system.net.sockets; use system.net; use system.Text; namespace consoleapplication; namespace consoleapplication3 {
Class class1 {// Create a UDPCLIENT instance private static udpclient m_client;
// LISTEN return information used to obtain public static string Listen (string hostip) {string HostIP = hostip; IPAddress thisIP = IPAddress.Parse (HostIP); IPEndPoint host = new IPEndPoint (thisIP, 1434); byte [] data = m_Client .Receive (ref host); Encoding ascii = encoding.ascii; string strdata = ascii.getstring (data); Return strdata;
} // send public static void send (string host) {string hostip = hostip; Byte [] buffer = {02}; // 02 is the data to be sent, only 02, 03, 04 has response Int ecode = m_client.send (Buffer, 1, Hostip, 1434); // Ecode is used to return whether it is successfully transmitted (Ecode <= 0) {Console.Writeline ("error:" ecode);
}
} // Simple processing of the returned information public static void outputinfo (string strdata) {string str = strdata; //str.le char [] That = {';', ';'}; string [] strofthis = Str.Split (That); // int i = 0 for (int i = 0; i {console.write); console.write ('');}
} // Enter ip public static string INPUTHOSTIP () {Console.write ("Enter the ip you want to scan:
"); string hostip = console.readline (); console.write (''); return hostip;} // exit public static void exit () {console.writeline (" if you want to exit, Just Input 1) ; int a = console.read (); if (a! = 1) {Console.Writ, Just Input 1 "; console.read ();} else {}}
[Stathread]
Static void main (string ") {string hostip; hostip = INPUTHOSTIP (); console.writeline (" begin to send udp to the host "); m_client = new udpclient (); send (Hostip); string strdata = Listen (Hostip); OutputInfo (strData); exit ();
}}}
3 A typical return information
ServerName; InstanceName; Awen; ISClustered; NO; version; 8.00.194; TCP; 1044; (TCP port, visible, how to change) Np; // awen / pipe / mssql $ xht310 / SQL / Query;
Solution: Install a firewall, or use the IPSec of the Windows 2000 system to limit the IP limit for the network connection to implement the security of the IP packet. Limiting the IP connection, only ensuring that your IP can access, reject port connections to other IPs, and effectively control the security threats from the network. It is important to filter ports, including most of the TCP and UDP ports, because only IP limit is performed, there is a possibility of malicious attackers to attack the host trusted by the database server, and attack the database server as a springboard. .
2. Database password detection
Password attacks include two, crack passwords and network monitors. Cracking passwords are the use of tools to connect the database to guess passwords, including dictionary attacks, violent attacks, and semi-violence between the two. Semi-Dictionary attack. Usually the attacker first uses a Dictionary attack method. If there is no success, semi-violent semi-dictionary attacks, violent attacks. In the case where the network speed is good, the computer operates is strong enough, and the password attack hazard is quite large. Network listening is to control a network device, and run the listening tool to capture password information transmitted in the network. Network monitor can be divided into two, one is an external monitor, put the listening tool software to the network connection device or put on the computer that can control the network connection device, network connection device, such as gateway servers, such as a router and many more. The other is from the internal monitoring, for unsafe local area networks, data is propagated by broadcasting, as long as the network card is set to a mixed mode, it can receive the data package that does not belong to its own, and may of course include information such as password information. . Workaround: Disconnect the password, as long as the password is set to be strong enough, it can be shielded to the same IP address. But for the listening, if the network transmission is not encrypted, all network transfers are clear, including passwords, database content, etc., no matter how complex password is not good, this is a big Security threat. Therefore, in the case of the conditions, it is best to use SSL to encrypt the protocol, of course, you need a certificate to support. And, for network monitors should be found in time, if the packet loss rate in the network is suddenly high, then there is reason to suspect that the network is listening.
3. Script security
Scripting security itself is a very complex problem, enough to write a professional long analysis article, and I am not very inner, Mix, Envymask, Pskey, Angel, is more crazy, haha. Script security is mainly due to the lack of stringent inspection of submitted data, more dangerous symbols ";", "", "#", "-", "$", "/", etc. This problem was originally considered asp SQL Server problem, but soon found substantially its impact, and later some people continued to discover the problem in PHP mysql, and SAN made in-depth analysis of PHP. Interested to go to the security focus to find his article. For script, there is no special solution, only relying on programmers' personal quality ...
Summary, whether it is mysql, or MSSQL, in the external network, it is considerably threatened. In contrast, the threat of MSSQL even more even more. In the past two years, MSSQL has exposed a plurality of remote overflow vulnerabilities. If the configuration is better, I think that mysql is safe than MSSQL, because the new overflow vulnerability that will break out at any time is anti-fighting, and the SQL injection attack that can execute system commands is also terrible. Ok, it is limited to the space, this article ends here.
