Honeypot your database
And easy method to detect if you've been hacked
- Track: MySQL and Friends devroom
- Room: H.1309 (Van Rijn)
- Day: Saturday
- Start: 13:35
- End: 13:55
Most database attackers are after your sensitive data. But there's no easy way to detect them accessing the data since your application will be accessing it too. This is where honey-potting can be really useful. This session will demonstrate a neat way to do honey-potting using nothing but existing MySQL tools.
We will demonstrate how one can set up a "honey-pot table" and set alarms around it in such a way that, when the table is accessed the server will take decisive actions to limit the session's access and warn the DBA. We will do with nothing but stock tools available for the MySQL 5.7 server.
Speakers
Georgi Kodinov (Joro) |