Securing database with command line linux: Difference between revisions

From ICO wiki
Jump to navigationJump to search
Line 20: Line 20:
[[File:Pagename_Root_database.jpg|thumb|right|Database]]
[[File:Pagename_Root_database.jpg|thumb|right|Database]]
A database is an organized collection of data. It is the collection of schemas, tables, queries, reports, views and other objects. The data are typically organized to model aspects of reality in a way that supports processes requiring information, such as modelling the availability of rooms in hotels in a way that supports finding a hotel with vacancies.
A database is an organized collection of data. It is the collection of schemas, tables, queries, reports, views and other objects. The data are typically organized to model aspects of reality in a way that supports processes requiring information, such as modelling the availability of rooms in hotels in a way that supports finding a hotel with vacancies.





Revision as of 13:37, 2 June 2016

Author: Mohanad Aly

Group : Cyber Security Engineering (C11)

Page Created: 18 February 2016

‎Last modified: 19 May 2016‎

Aim of this page

  • Control the Command Line environment.
  • What database mean ?
  • Database Threats.
  • Securing Database using the command line method.
  • Access the information in Database by easy way.

What is Database

What database mean ?

Database

A database is an organized collection of data. It is the collection of schemas, tables, queries, reports, views and other objects. The data are typically organized to model aspects of reality in a way that supports processes requiring information, such as modelling the availability of rooms in hotels in a way that supports finding a hotel with vacancies.








General Information about command line

Examples of the basic commands
  • Before starting you need to take a short course of command line in code academy Code Academy
  • After you finish the command line exercises, you need to know a few commands that you have to remember always.
  • First cd the command that will make you navigate everywhere in the command line environment.
  • second pwd command that always make you know your location in the system.
  • Don't forget also whoami to know you are the root user or not.
  • sudo -s switch you to root user that control everything in the system.
  • apt-get update Always update your repositories and before install anything.
  • apt-get install After you become super user you will need this command to install packages.
  • apt-get Upgrade Don't forget to upgrade your system.
  • nano nano always good for beginners, easy to edit or write file in command line.
nano text editor example
  • ls which you already know from the code academy to list all the files and folder in the directory.

Database Threats

An attacker can target and compromise a database server in a number of ways by exploiting a variety of configuration and application level vulnerabilities.

Major threats and vulnerabilities that can result in a compromised database server and the potential destruction or theft of sensitive data.

The main threats to a database server are:

  • SQL injection
  • Network eavesdropping
  • Unauthorized server access
  • Password cracking

SQL Injection

  • With a SQL injection attack, the attacker exploits vulnerabilities in your application's input validation and data access code to run arbitrary commands in the database using the security context of the Web application.

Vulnerabilities

  • Vulnerabilities exploited by SQL injection include:
  • Poor input validation in your Web applications
  • Unsafe, dynamically constructed SQL commands
  • Over-privileged application logins to the database
  • Weak permissions that fail to restrict the application's login to the database

Countermeasures

  • To counter SQL injection attacks:
  • Your application should constrain and sanitize input data before using it in SQL queries.
  • Use type safe SQL parameters for data access. These can be used with stored procedures or dynamically constructed SQL command strings. *Using SQL parameters ensures that input data is subject to type and length checks and also that injected code is treated as literal *data, not as executable statements in the database.
  • Use a SQL Server login that has restricted permissions in the database. Ideally, you should grant execute permissions only to selected *stored procedures in the database and provide no direct table access.

Network Eavesdropping

  • The deployment architecture of most applications includes a physical separation of the data access code from the database server. As a result, sensitive data, such as application-specific data or database login credentials, must be protected from network eavesdroppers.

Vulnerabilities Vulnerabilities that increase the likelihood of network eavesdropping include:

  • Insecure communication channels

Passing credentials in clear text to the database for example

  • Using SQL authentication instead of Windows authentication
  • Using SQL authentication without a server certificate

Countermeasures To counter network eavesdropping:

  • Use Windows authentication to connect to the database server to avoid sending credentials over the network.
  • Install a server certificate on the database server. This results in the automatic encryption of SQL credentials over the network.
  • Use an SSL connection between the Web server and database server to protect sensitive application data. This requires a database server certificate.
  • Use an IPSec encrypted channel between Web and database server.

Unauthorized Server Access

Direct access to your database server should be restricted to specific client computers to prevent unauthorized server access.

Vulnerabilities Vulnerabilities that make your database server susceptible to unauthorized server access include:

  • Failure to block the SQL Server port at the perimeter firewall
  • Lack of IPSec or TCP/IP filtering policies

Attacks Direct connection attacks exist for both authenticated users and those without a user name and password; for example

  • Tools such as Query Analyzer (Isqlw.exe) or the command line equivalent (Osql.exe) are used to establish a direct connection to SQL Server and issue commands.
  • Server information, such as software version, is revealed to an attacker who sends carefully constructed packets to listening ports.

Countermeasures To counter these attacks:

  • Make sure that SQL Server ports are not visible from outside of the perimeter network.
  • Within the perimeter, restrict direct access by unauthorized hosts, for example, by using IPSec or TCP/IP filters.

Password Cracking

  • A common first line of attack is to try to crack the passwords of well known account names, such as sa (the SQL Server administrator account).

Vulnerabilities Common vulnerabilities that lead to password cracking are:

  • Weak or blank passwords
  • Passwords that contain everyday words

Attacks Common password cracking attacks include:

  • Dictionary attacks
  • Manual password guessing

Countermeasures To counter these attacks:

  • Create passwords for SQL Server login accounts that meet complexity requirements.
  • Avoid passwords that contain common words found in the dictionary.

Starting to install MySQL database

  • There are many implementations of the SQL database language available on Linux and Unix-like systems. MySQL and MariaDB are two popular options for deploying relational databases in server environments.
  • However, like most software, these tools can be security liabilities if they are configured incorrectly. This tutorial will guide you through some basic steps you can take to secure your MariaDB or MySQL databases, and ensure that they are not an open door into your VPS.
  • For the sake of simplicity and illustration, we will use the MySQL server on an Ubuntu 12.04 VPS instance. However, these techniques can be applied to other Linux distributions and can be used with MariaDB as well.

Initial Setup

  • MySQL gives you an opportunity to take the first step towards security during installation. It will request that you set a root password.
Configuring mysql-server
  • sudo apt-get install mysql-server

You can always set the root password at a later time, but there is no reason to skip this step, so you should secure your administrator account from the very beginning.

Once the installation is complete, we should run a few included scripts. First, we will use the "mysql_install_db" script to create a directory layout for our databases.

  • sudo mysql_install_db


Next, run the script called "mysql_secure_installation". This will guide us through some procedures that will remove some defaults that are dangerous to use in a production environment.

  • sudo mysql_secure_installation

it will first prompt you for the root password you set up during installation. Immediately following, you will be asked a series of questions, beginning with if you'd like to change the root password.

This is another opportunity to change your password to something secure if you have not done so already.

You should answer "Y" (for yes) to all of the remaining questions.

This will remove the ability for anyone to log into MySQL by default, disable logging in remotely with the administrator account, remove some test databases that are insecure, and update the running MySQL instance to reflect these changes.


Security Considerations

The overarching theme of securing MySQL (and almost any other system) is that access should be granted only when absolutely necessary. Your data safety sometimes comes down to a balance between convenience and security.

In this guide, we will learn on the side of security, although your specific usage of the database software may lead you to pick and choose from these options.

Security Through the My.cnf File

The main configuration file for MySQL is a file called "my.cnf" that is located in the "/etc/mysql/" directory on Ubuntu and the "/etc/" directory on some other VPS.

We will change some settings in this file to lock down our MySQL instance.

Open the file with root privileges. Change the directory path as needed if you are following this tutorial on a different system

sudo nano /etc/mysql/my.cnf

The first setting that we should check is the "bind-address" setting within the "[mysqld]" section. This setting should be set to your local loopback network device, which is "127.0.0.1". bind-address = 127.0.0.1

  • This makes sure that MySQL is not accepting connections from anywhere except for the local machine.
  • If you need to access this database from another machine, consider connecting through SSH to do your database querying and administration locally and sending the results through the ssh tunnel.
  • The next hole we will patch is a function that allows access to the underlying filesystem from within MySQL. This can have severe security implications and should be shut off unless you absolutely need it.

In the same section of the file, we will add a directive to disable this ability to load local files: local-infile=0 This will disable loading files from the filesystem for users without file level privileges to the database.

MySQL log, error log

If we have enough space and are not operating a huge database, it can be helpful to log additional information to keep an eye on suspicious activity.

Logging too much can create a performance hit, so this is something you need to weigh carefully.

You can set the log variable within the same "[mysqld]" section that we've been adding to.

log=/var/log/mysql-logfile

Make sure that the MySQL log, error log, and mysql log directory are not world readable sudo ls -l /var/log/mysql*

Securing MySQL From Within

  • There are a number of steps you can take while using MySQL to improve security.
  • We will be inputting the commands in this section into the MySQL prompt interface, so we need to log in.

mysql -u root -p

You will be asked for the root password that you set up earlier.

Securing Passwords and Host Associations

SELECT User,Host,Password FROM mysql.user;

Securing Passwords and Host Associations example

As you can see, in our example set up, the user "demo-user" has no password and is valid regardless of what host he is on. This is very insecure.

We can set a password for the user with this command. Change "newPassWord" to reflect the password you wish to assign.

UPDATE mysql.user SET Password=PASSWORD('newPassWord') WHERE User="demo-user";

If we check the User table again, we will see that the demo user now has a password.

SELECT User,Host,Password FROM mysql.user;

Securing Passwords and Host Associations example


If you look in the "Host" field, you will see that we still have a "%", which is a wildcard that means any host. This is not what we want. Let's change that to be "local-host".

UPDATE mysql.user SET Host='localhost' WHERE User="demo-user";

If we check again, we can see that the User table now has the appropriate fields set.

SELECT User,Host,Password FROM mysql.user;

If our table contains any blank users (it should not at this point since we ran "mysql_secure_installation", but we will cover this anyways), we should remove them.

To do this, we can use the following call to delete blank users from the access table.

DELETE FROM mysql.user WHERE User="";

After we are done modifying the User table, we need to input the following command to implement the new permissions.

FLUSH PRIVILEGES;

Implementing Application-Specific Users

Similar to the practice of running processes within Linux as an isolated user, MySQL benefits from the same kind of isolation.

Each application that uses MySQL should have its own user that only has limited privileges and only has access to the databases it needs to run.

When we configure a new application to use MySQL, we should create the databases needed by that application.

create database testDB;

Query OK, 1 row affected (0.00 sec)

Next, we should create a user to manage that database, and assign it only the privileges it needs. This will vary by application, and some uses need more open privileges than others.

To create a new user, use the following command.

CREATE USER 'demo-user'@'localhost' IDENTIFIED BY 'password';

We can grant the new user privileges on the new table with the following command. See the tutorial on how to create a new user and grant permissions in MySQL to learn more about specific privileges.

GRANT SELECT,UPDATE,DELETE ON testDB.* TO 'demo-user'@'localhost';


As an example, if we later need to revoke update privileges from the account, we could use the following command.

REVOKE UPDATE ON testDB.* FROM 'demo-user'@'localhost';

If we need all privileges on a certain database, we can specify that with the following.

GRANT ALL ON testDB.* TO 'demo-user'@'localhost';

Securing Passwords and Host Associations example

To show the current privileges of a user, we first must implement the privileges we specified using the "flush privileges" command. Then, we can query what grants a user has:

FLUSH PRIVILEGES; show grants for 'demo-user'@'localhost';

Always flush privileges when you are finished making changes.



Changing the Root User

One additional step that you may want to take is to change the root login name. If an attacker is trying to access the root MySQL login, they will need to perform the additional step of finding the user-name.

The root login can be changed with the following command. rename user 'root'@'localhost' to 'newAdminUser'@'localhost';

We can see the change by using the same query we've been using for the User database.

select user,host,password from mysql.user;

Again, we must flush privileges for these changes to happen.

FLUSH PRIVILEGES;

Remember that you will have to log into MySQL as the newly created username from now on when you wish to perform administrative tasks.

mysql -u newAdminUser -p

Summary

Database is always at risk, cause one small mistake and the hacker can access to the database from different ways with different methods, You should now have a general understanding about databases and how they're used. present article was for beginners that try to gain an understanding of databases security. Databases are not like most other files and require a little bit of thought in order for you to understand the concept of securing the database.

See also

Securing database

Database security

Building Secure Data Access

References

[1] Linux information

[2]Operating System - Linux

[3] Sudo definition

[4] Root meaning in Linux operation system

[5] Securing the database

[6] Threats and Countermeasures

 Category : Operating systems English version