Quote:
Originally Posted by TeenCat
hm, not sure about this one, because if the db operations are active only for one or two ips, i mean ip of billing or script which is writing into the db, you cannot do anything except from those two ips, and if someone change the settins, then some warning systems have to be activated. but, i am not good in those redneck things but looks like aff security guys have also a bit to learn ... another thing is that every big target will always be under attack, so have luck everyone  |
his point was if you have access to the one of the servers owning the whitelisted IPs in the database server, there is no way to keep the data safe. Ip protecting your database when your code is insecure doesn't do much for you.