[unisog] Encrypted tunnels for mysql

Ray Strubinger rays at phhp.ufl.edu
Tue Jun 28 13:00:15 GMT 2005


Stunnel would be likely be a good choice as it can be used to tunnel any protocol and it runs on Linux and Windows.  

We have used stunnel and firewall rules to secure MySQL traffic for remote users especially when they have a favorite tool they want to use against the database.  Setup is fairly straight forward and there are several examples in the stunnel configuration file to use as a guide.

-Ray

>>> r.fulton at auckland.ac.nz 6/28/2005 1:04 AM >>>
Hi,
   I have a bunch of snort sensors that log back to a central mysql server and I would like to  'secure' this traffic.  The only really sensitive info is actually the password but that's enough to make it worth doing.   I know I can do this with 'ssh db-box -L 13306:localhost:3306' (if I got that right) but it isnt ideal so how do others do this?

Cheers and thanks, Russell
_______________________________________________
unisog mailing list
unisog at lists.sans.org 
http://www.dshield.org/mailman/listinfo/unisog




More information about the unisog mailing list