473,508 Members | 4,779 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Mysqld Logs

Hello all,

I am currently suffering from a high loss of my database.the problem
is like this.
I have a DATABASE server running MySQLD 3.23.58.Users vist and sign up
their interest in my website.Now the problem is arising that when a
user signs up first , they get emails of confirmation from my
server.In addition to these emails , the customer also gets some
annoyed e-mails from someone residing/depending totllay on @yahoo.com
email-address maintaining the anonymity.

I did try by sending only e-mails to some my own email address,
whether someone is sniffering through my traffic, but I got no e-mail
except the ones I had sent myself.

After this I added some other email addresses in my DB server but I
sent no email to them at all.This time all email addresses got those
*annoying* e-mails also.
I am really fed up with this issue, getting no clue how to come to
know about this.

I am now thinking about adding --log option to safe_mysql to log all
queries, But I am again doubtfull if that would do any help to me .
Thanks in advance for your result oriented help.
Jul 19 '05 #1
1 1710
Nasir wrote:
After this I added some other email addresses in my DB server but I
sent no email to them at all.This time all email addresses got those
*annoying* e-mails also.


So if I understood correctly, you think someone is reading the e-mail
addresses from your database?

There are many ways to do this:
- There is a virus that reads e-mail addresses from harddrive and sends
atleast itself to those addresses, perhaps same or similar virus could
send spam or other e-mail also. This propably affects you only if you
are a Windows user.
- Someone might have read access to your harddrive, and he/she could
read databasefiles without using the database itself.
- User that has access to database. Unless you are not the root user, it
could be the root user, or someone else that has similar privileges.
- Your database username and password could be too easy for someone to
guess.
- You have leaked the username and password of the database out. For
example password is written to some file which has been readable by
anyone. ( Common issue is that the password is in the php file, and
somewhere at that server someone is using for example php-includes that
take the includable file as a parameter, so that anyone can write the
file they want to include and see php source code and passwords. )
- You allow sql-injections. Which means that with some parameters, users
can commit their own sql queries to your database, for example to see
all e-mail addresses.
- You could have a list of all addresses listed in some page, without
you even knowing it. For example a test page or admin page that you have
forgotten that requires now authentication, or authentication is very poor.
- Something else that I don't know, or what I didn't remember.

So since we have no idea what could be the reason you have to start
eliminating threads. If you can log all queries and find the cause, that
would propably tell a lot. If it tells the username and query that was
committed, it would instantly eliminate a lot of threads. And we know
that someone did get the e-mail addresses fromt here, but there are no
queries to see, we know that someone is reading the database files
without using the database.

Another test (if possible) would be to shut down the http-server (if I
understood correctly and you are using such with your database) and then
try inserting new e-mails. That would perhaps also eliminate some threads.

Also to maximise security, you could encrypt your e-mail addresses when
writing then to database, and decrypt when you need one. Even some
simple algorithm would fool some automated programs like viruses or
search-bots, if they are behind this.

Jul 19 '05 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
0
7510
mysqld got signal 11;
by: Stephane Raimbault | last post by:
I've been searching the mailing list for a solution to my problem with "mysqld got signal 11;" and I haven't seen any answers that might help me. This is the situation. I have a db that is being...
MySQL Database
0
2175
mysqld cannot access innodb
by: Maciej Wiznerowicz | last post by:
Dear Sirs, I can not start MySQL server. More specifically, MySQL was running fine all the time since installation. It stopped working after I used FmPro Migrator to convert some File Maker...
MySQL Database
0
1717
Fw: Mysqld dead subsys locked
by: Robert Morgan | last post by:
------=_NextPart_000_0009_01C36013.CF9CC9F0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable ----- Original Message -----=20 From: Robert Morgan=20...
MySQL Database
0
624
4.0.14 install problem: mysqld crashes
by: Gary Cote | last post by:
>Description: I've recently compiled mysql 4.0.14 on redhat 8.0. The installation fails, however, when running mysql_install_db. I've attached a transcript below. I gather from searching the...
MySQL Database
3
5602
mysqld startup problem
by: Paul | last post by:
I'm using ssh to administer a mysql server, version 3.23.49, which I just installed. The problem when starting mysqld: I type "mysqld" at the shell prompt and hit return, then I get the message...
MySQL Database
1
1432
Mysqld Logs
by: Nasir | last post by:
Hello all, I am currently suffering from a high loss of my database.the problem is like this. I have a DATABASE server running MySQLD 3.23.58.Users vist and sign up their interest in my...
MySQL Database
0
1656
So many child process of mysqld (version 4.0.21)
by: Azhar H. | last post by:
I upgread mysql 3.23.56 to 4.0.21, succesfully upgraded. But, I observed abnormal behaviour of mysql (or may be i dont know). Thing is, in mysql 3.23.56 when I start service, only one procses exist...
MySQL Database
1
16789
Problem Starting mysqld
by: Jeremy Kohansimeh | last post by:
Hello, I just installed version 4.0.21 on a Mandrake 8.2 system. I cannot get the MySql daemon to run. I am using the following commands, and receiving these errors: $mysqld_safe...
MySQL Database
0
3628
How can I make mysqld find the table 'mysql.host' on Fedora Core 4?
by: tomzam | last post by:
I'm trying to get mysql working on Fedora Core 4. Actually trying to start the program mysqld without fatal errors. I posted this message first on the linux misc group - but no luck so far. Maybe...
MySQL Database
0
7228
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
7128
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
7393
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
7502
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
5635
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice
0
3206
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The...
Networking - Hardware / Configuration
0
1565
transfer the data from one system to another through ip address
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated ...
C# / C Sharp
1
769
muto222
How to add payments to a PHP MySQL app.
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP
0
426
bsmnconsultancy
Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us