conference logo

Playlist "openSUSE Conference 2016"

MySQL Firewall

Georgi Kodinov

MySQL Firewall is an application level firewall filter that intercepts incoming queries and validates them against a database of normalized "safe" queries.
As an integral part of the server it takes advantage of the parsing and normalization that is done anyway so it has minimal impact on normal operations.
The firewall has multiple modes. In learning mode it collects the incoming query normalization in a scratchpad that can be persisted to disk. In alert mode it will just alert the DBA for an unknown query but still let it pass.
And in protecting mode it will reject all unknown queries.
The firewall can be used to limit SQL injection or as a complement to the privilege system to support only particular front end applications.
We will go through all of the stages of installing, training and arming the MySQL firewall with understandable examples.