Difference between revisions of "SRA840 Lab7"
Line 43: | Line 43: | ||
* Name two security measures that MySQL recommends: | * Name two security measures that MySQL recommends: | ||
Some general security measures recommended my MySQL are as follows: | Some general security measures recommended my MySQL are as follows: | ||
− | In general mysql emphasize on protecting the entire system against all attacks. mysql also emphasizes on not giving any one else except root, access to the tables in the mysql database. | + | In general mysql emphasize on protecting the entire system against all attacks. mysql also emphasizes on not giving any one else |
+ | except root, access to the tables in the mysql database. | ||
* Which MySQL log file, in your opinion, is important for you to keep track of and why ? | * Which MySQL log file, in your opinion, is important for you to keep track of and why ? |
Revision as of 20:46, 11 April 2009
Contents
- 1 Mohak
- 2 Milton
- 3 Nestor
- 3.1 Show SQL commands that work on MySQL for:
- 3.2 give and remove user rights
- 3.3 create a table
- 3.4 insert a few records into the table you created
- 3.5 select some of the records in the table you created
- 3.6 change some of the records into the table you created
- 3.7 delete records from the table you created
- 3.8 How will you read records from in a plain text file into MySQL. Give an example.
- 3.9 What are the exact sequence of steps that you need to take so that Apache logs can be read in from MySQL. Assume you have a default installation of Apache and a default installation of MySQL.
- 3.10 Name two security measures that MySQL recommmends
- 3.11 Which MySQL log file, in your opinion, is important for you to keep track of and why?
- 3.12 As you observe from the tutorials, many users have added their own comments in addition to the MySQL material. Which two comments (one from the using tutorial and one from the administration tutorial) you think were useful to you.
Mohak
- View privileges for a user:
SHOW GRANTS FOR 'root'@'localhost';
- Give user rights:
GRANT CREATE, INSERT ON vyas.* TO 'user'@'localhost' IDENTIFIED BY PASSWORD 'password hash'; You can give a plain text password but it's better to use hash if you know your password hash.
- Remove user rights:
REVOKE ALL FROM 'user'@'localhost';
- Create a table:
USE vyas; CREATE TABLE tmp (name VARCHAR(20), sex CHAR(1), bday DATE);
- Insert a few records into the table you created:
INSERT INTO tmp VALUES ('Abc','M','1900-01-02'); INSERT INTO tmp VALUES ('Xyz','M','NULL');
- Select some of the records in the table you created:
SELECT * FROM tmp; SELECT name,sex FROM tmp WHERE name = 'Abc'; SELECT name,bday FROM tmp WHERE bday > '1900-01-01';
- Change some of the records into the table you created:
UPDATE tmp SET bday = '1980-01-11' WHERE name = 'Xyz';
- Delete records from the table you created:
DELETE FROM tmp WHERE name = 'Xyz'
- How will you read records from in a plain text file into MySQL.
LOAD DATA LOCAL INFILE '/tmp/vyas.txt' INTO TABLE tmp; You need to enable this to use it. Start your mysql like this: mysql --local-infile=1 -u root -p Value of 1 enables it and 0 disables it. This should also be enabled from the server side too.
- What are the exact sequence of steps that you need to take so that Apache logs can be read in from MySQL:
Install mod_log_sql module and issue following commands.
mysqladmin CREATE apache_logs mysql apache_logs < access_logs.sql mysql alache_logs GRANT INSERT,CREATE ON apache_logs.* TO 'root'@'localhost' IDENTIFIED BY 'password';
Add following lines to httpd.conf: <IfModule mod_log_sql.c> LogSQLLoginInfo mysql://webserver:password@mysqldb.example.com/apache_logs LofSQLCreateTables on </IfModule>
- Name two security measures that MySQL recommends:
Some general security measures recommended my MySQL are as follows: In general mysql emphasize on protecting the entire system against all attacks. mysql also emphasizes on not giving any one else
except root, access to the tables in the mysql database.
- Which MySQL log file, in your opinion, is important for you to keep track of and why ?
In my opinion, the general query log file is important. It keeps a general record of what mysql daemon is doing. It becomes useful when there is an error in a client and you want to find out exactly what client sent to mysql daemon. It can enables using --general_log and 1 or 0 to enable and disable respectively.
Milton
1. give and remove user rights
1.1 Give privileges:
mysql> grant all on wordpress.* to wordpress@localhost identified by 'password';
1.2 Remove privileges:
mysql> flush privileges;
2. create a table
mysql> create table table_name (name char(20));
3. insert a few records into the table you created
mysql> insert into table_name values('milton');
4. select some of the records in the table you created
mysql> select name from table_name;
5. change some of the records into the table you created
mysql> update table_name set name='johndoe' where name='milton';
6. delete records from the table you created
mysql> delete from table_name where name='johndoe';
7. How will you read records from in a plain text file into MySQL. Give an example.
Copy records to a plain text file:
mysql> select * into outfile '/tmp/database.txt' fields terminated by '\t' lines terminated by '\n' from table_name;
Import records from a plain text file:
mysql> load data infile '/tmp/database.txt' into table table_name fields terminated by '\t' lines terminated by '\n';
8. What are the exact sequence of steps that you need to take so that Apache logs can be read in from MySQL. Assume you have a default installation of Apache and a default installation of MySQL.
8.1 Create a database
8.2 Create a table with the fields I will need
8.3 Split the apache log file to a temporary file then mysql can recognize this file
8.4 Import this plain text file into the database
8.5 Create a shell script to keep updating the text file
9. Name two security measures that MySQL recommmends
- Encrypt the passwords
- Add an password for the default system users like root and mysql.
10. Which MySQL log file, in your opinion, is important for you to keep track of and why?
--log, --log-error and --log-warnings
Nestor
Show SQL commands that work on MySQL for:
give and remove user rights
give/grant user right
mysql> grant all on wordpress.* to wordpress@localhost identified by 'dumpling';
remove user right
mysql> flush privileges;
create a table
mysql> create table table_foo (rec1 char(9));
insert a few records into the table you created
mysql> insert into table_foo values('record1'); mysql> insert into table_foo values('record2'); mysql> insert into table_foo values('record3');
select some of the records in the table you created
mysql> select rec1 from table_foo;
change some of the records into the table you created
mysql> update table_foo set name='record0' where rec1='record2';
delete records from the table you created
mysql> delete from table_foo where rec1='record3';
How will you read records from in a plain text file into MySQL. Give an example.
Exporting records
mysql> select * into outfile '/tmp/mysql_test/table_foo.txt' fields terminated by '\t' lines terminated by '\n' from table_fo;
Importing records
mysql> load data infile '/tmp/mysql_test/table_foo.txt' into table table_foo2 fields terminated by '\t' lines terminated by '\n';
What are the exact sequence of steps that you need to take so that Apache logs can be read in from MySQL. Assume you have a default installation of Apache and a default installation of MySQL.
It's just like how we do it for wordpress. First, make sure apache and mysql are all installed and running properbly. Then, create a database and table, also create the fileds that we'll need, e.g: hour, minutes, status, etc. Then it's the tricky part, we have to extra the apache log file's lines into different filed, so that mysql can read it. You can acheive it with 'sed' or some other command or even script. We actually have a python script from Danny's assignment that has simular function. We could adjust the script to acheive the task. then, we can import the text file with mysql command 'load data infile'.
Name two security measures that MySQL recommmends
1.always have set a password 2.use a long password with combination of characters and numbers
Which MySQL log file, in your opinion, is important for you to keep track of and why?
In my opintion, i think The General Query Log is the most important. Assuming the database has already installed and running properly. The most critical things is data leaking. It is really important, because you do not want any random people to the record. The database may contain some sensitive records, e.g: VISA numbers, address.
(ref: http://dev.mysql.com/doc/refman/5.0/en/server-logs.html)
As you observe from the tutorials, many users have added their own comments in addition to the MySQL material. Which two comments (one from the using tutorial and one from the administration tutorial) you think were useful to you.
Tut
It fill in a lot of gap that the tutorial didn't cover. http://dev.mysql.com/doc/refman/4.1/en/database-use.html
Admin
A lot of experience sharing http://dev.mysql.com/doc/refman/5.0/en/query-log.html.