473,789 Members | 2,781 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Mysqld Logs

Hello all,

I am currently suffering from a high loss of my database.the problem
is like this.
I have a DATABASE server running MySQLD 3.23.58.Users vist and sign up
their interest in my website.Now the problem is arising that when a
user signs up first , they get emails of confirmation from my
server.In addition to these emails , the customer also gets some
annoyed e-mails from someone residing/depending totllay on @yahoo.com
email-address maintaining the anonymity.

I did try by sending only e-mails to some my own email address,
whether someone is sniffering through my traffic, but I got no e-mail
except the ones I had sent myself.

After this I added some other email addresses in my DB server but I
sent no email to them at all.This time all email addresses got those
*annoying* e-mails also.
I am really fed up with this issue, getting no clue how to come to
know about this.

I am now thinking about adding --log option to safe_mysql to log all
queries, But I am again doubtfull if that would do any help to me .
Thanks in advance for your result oriented help.
Jul 19 '05 #1
1 1735
Nasir wrote:
After this I added some other email addresses in my DB server but I
sent no email to them at all.This time all email addresses got those
*annoying* e-mails also.


So if I understood correctly, you think someone is reading the e-mail
addresses from your database?

There are many ways to do this:
- There is a virus that reads e-mail addresses from harddrive and sends
atleast itself to those addresses, perhaps same or similar virus could
send spam or other e-mail also. This propably affects you only if you
are a Windows user.
- Someone might have read access to your harddrive, and he/she could
read databasefiles without using the database itself.
- User that has access to database. Unless you are not the root user, it
could be the root user, or someone else that has similar privileges.
- Your database username and password could be too easy for someone to
guess.
- You have leaked the username and password of the database out. For
example password is written to some file which has been readable by
anyone. ( Common issue is that the password is in the php file, and
somewhere at that server someone is using for example php-includes that
take the includable file as a parameter, so that anyone can write the
file they want to include and see php source code and passwords. )
- You allow sql-injections. Which means that with some parameters, users
can commit their own sql queries to your database, for example to see
all e-mail addresses.
- You could have a list of all addresses listed in some page, without
you even knowing it. For example a test page or admin page that you have
forgotten that requires now authentication, or authentication is very poor.
- Something else that I don't know, or what I didn't remember.

So since we have no idea what could be the reason you have to start
eliminating threads. If you can log all queries and find the cause, that
would propably tell a lot. If it tells the username and query that was
committed, it would instantly eliminate a lot of threads. And we know
that someone did get the e-mail addresses fromt here, but there are no
queries to see, we know that someone is reading the database files
without using the database.

Another test (if possible) would be to shut down the http-server (if I
understood correctly and you are using such with your database) and then
try inserting new e-mails. That would perhaps also eliminate some threads.

Also to maximise security, you could encrypt your e-mail addresses when
writing then to database, and decrypt when you need one. Even some
simple algorithm would fool some automated programs like viruses or
search-bots, if they are behind this.

Jul 19 '05 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
0
7533
mysqld got signal 11;
by: Stephane Raimbault | last post by:
I've been searching the mailing list for a solution to my problem with "mysqld got signal 11;" and I haven't seen any answers that might help me. This is the situation. I have a db that is being accessed intensively about 400 connections during the wee at a time. I noticed the problem at first with 4.0.13 and tried 3.23.57 and now 4.0.14 with the same problem. I've run the db on FreeBSD 5.1 and 4.8, again same problem. This is what...
MySQL Database
0
2197
mysqld cannot access innodb
by: Maciej Wiznerowicz | last post by:
Dear Sirs, I can not start MySQL server. More specifically, MySQL was running fine all the time since installation. It stopped working after I used FmPro Migrator to convert some File Maker databases to MySQL It looks like mysqld has no access permissions to InnoDB and I do not know how to fix it.
MySQL Database
0
1732
Fw: Mysqld dead subsys locked
by: Robert Morgan | last post by:
------=_NextPart_000_0009_01C36013.CF9CC9F0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable ----- Original Message -----=20 From: Robert Morgan=20 To: mysqllist=20 Sent: Monday, August 11, 2003 1:50 PM
MySQL Database
0
624
4.0.14 install problem: mysqld crashes
by: Gary Cote | last post by:
>Description: I've recently compiled mysql 4.0.14 on redhat 8.0. The installation fails, however, when running mysql_install_db. I've attached a transcript below. I gather from searching the 'net that this isn't an entirely unusual thing to happen, and is likely the result of some misconfiguration on my part, or perhaps a version incompatability with my libc. Unfortunately, I haven't seen any concrete suggestions on how to get past it.
MySQL Database
3
5625
mysqld startup problem
by: Paul | last post by:
I'm using ssh to administer a mysql server, version 3.23.49, which I just installed. The problem when starting mysqld: I type "mysqld" at the shell prompt and hit return, then I get the message "mysqld: ready for connections". But then it doesn't give me back the shell prompt. I can type stuff on the screen, but it doesn't do anything. I've tried Ctrl-C and Ctrl-Z, but that does nothing. Any ideas? Thanks. Paul
MySQL Database
1
1441
Mysqld Logs
by: Nasir | last post by:
Hello all, I am currently suffering from a high loss of my database.the problem is like this. I have a DATABASE server running MySQLD 3.23.58.Users vist and sign up their interest in my website.Now the problem is arising that when a user signs up first , they get emails of confirmation from my server.In addition to these emails , the customer also gets some
MySQL Database
0
1676
So many child process of mysqld (version 4.0.21)
by: Azhar H. | last post by:
I upgread mysql 3.23.56 to 4.0.21, succesfully upgraded. But, I observed abnormal behaviour of mysql (or may be i dont know). Thing is, in mysql 3.23.56 when I start service, only one procses exist but when I upgraded to mysql (4.0.21). Above command shows me 25+ mysqld child process. Is this is correct or any problem. Logs shows me successful start/stop. Thanking in advance. Azhar H.
MySQL Database
1
16813
Problem Starting mysqld
by: Jeremy Kohansimeh | last post by:
Hello, I just installed version 4.0.21 on a Mandrake 8.2 system. I cannot get the MySql daemon to run. I am using the following commands, and receiving these errors: $mysqld_safe --user=mysql Starting mysqld daemon with databases from /var/lib/mysql STOPPING server from pid file /var/lib/mysql/JBrain.pid 040921 09:01:55 mysqld ended
MySQL Database
0
3640
How can I make mysqld find the table 'mysql.host' on Fedora Core 4?
by: tomzam | last post by:
I'm trying to get mysql working on Fedora Core 4. Actually trying to start the program mysqld without fatal errors. I posted this message first on the linux misc group - but no luck so far. Maybe people on this group can help me out. Sorry about posting to two groups. The reference manual for mysql ver 4.1 is huge, it's over 1900 pages! I've tried all day but now I have to ask for help from people more experienced then me. Anyway, this is...
MySQL Database
0
9511
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
Windows Server
0
10408
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
C / C++
1
10139
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
Windows Server
0
9983
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
General
0
9020
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
Career Advice
1
7529
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...
Microsoft Access / VBA
0
6769
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
C# / C Sharp
2
3700
muto222
How to add payments to a PHP MySQL app.
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP
3
2909
bsmnconsultancy
Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us