Hi,
I think BRACK a.k.a. Jouri means that the connection
string (from the PHP pages) would be visible in the
client's browser once the SQL server stops running.
However, I am not so sure about this as all commands
are processed on the server - it will, however display
an error message that the SQL server is inaccessible.
Greetz,
Bjorn Van Simaeys
www.bvsenterprises.com
--- Tyler Longren <[EMAIL PROTECTED]> wrote:
> If the SQL server is down how will he hack it?
> That's like hacking a
> webserver that doesn't exist.
>
> Tyler Longren
> Captain Jack Communications
> [EMAIL PROTECTED]
> www.captainjack.com
>
>
> On Tue, 7 Aug 2001 21:35:58 +0200
> "BRACK" <[EMAIL PROTECTED]> wrote:
>
> > I just wanned to bring the issue of security of
> MySQL connection:
> >
> > Let us imagine that SQL server was down for some
> hours (of
> > course without us knowing it) and at the same
> hours our SQL site
> > was visited by some kind of hacker, he can see on
> his screen all
> > our SQL connection info like username, password,
> and database
> > name. You may hide this information in different
> file than the file
> > that your users open then the hacker will see
> something like
> > "include("connect.inc");" or
> "require("connect.inc");" (of course IF
> > server is down). So you may only imagine the
> consequences of
> > this visit of the hacker. What can we do to
> protect our sensitive
> > information if SQL server is down?
> >
> > Youri
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, e-mail:
> [EMAIL PROTECTED]
> > For additional commands, e-mail:
> [EMAIL PROTECTED]
> > To contact the list administrators, e-mail:
> [EMAIL PROTECTED]
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail:
> [EMAIL PROTECTED]
> For additional commands, e-mail:
> [EMAIL PROTECTED]
> To contact the list administrators, e-mail:
> [EMAIL PROTECTED]
>
__________________________________________________
Do You Yahoo!?
Make international calls for as low as $.04/minute with Yahoo! Messenger
http://phonecard.yahoo.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
