Beefy Boxes and Bandwidth Generously Provided by pair Networks
Do you know where your variables are?
 
PerlMonks  

Re: (nrd) CGI frontend for mySQL

by newrisedesigns (Curate)
on Feb 28, 2003 at 16:56 UTC ( #239478=note: print w/ replies, xml ) Need Help??


in reply to CGI frontend for mySQL

This might be just my paranoia, but if I were you, I wouldn't let anyone but you have access to it.

use DBI; print "Content-type: text/html\n\n"; if($ENV{REMOTE_ADDR} ne '127.0.0.1'){ #your IP exit; }

Of course, if you don't have a static IP, you can't do this.

John J Reiser
newrisedesigns.com


Comment on Re: (nrd) CGI frontend for mySQL
Download Code
Re: Re: (nrd) CGI frontend for mySQL
by jonadab (Parson) on Feb 28, 2003 at 18:29 UTC
    Of course, if you don't have a static IP, you can't do this.

    You can, it's just more involved. First, you have to signup for dynamic DNS service (e.g., with dyndns), then set up your system to automatically update that whenever your IP changes. Then the script has to resolve your dynamic DNS into its current IP and compare that against $ENV{REMOTE_ADDR}. This opens up in theory a window for someone who has your IP after your connection dies and is terminated and before you reconnect and update your dynamic DNS record. In practice, if you don't have a static IP that probably means you get your IP via DHCP from your ISP, so that a potential attacker would not only have to use your same ISP but also would not have any way to arrange to have your IP right after you disconnect; the most he could do (without 0wning your ISP's DHCP server at least) would be to monitor your dynamic DNS address via ping to know when you disconnect, and immediately redial just hoping to get the IP you just released. After enough tries he might get it, in theory. But that's less risk than an easily-guessed password.


    for(unpack("C*",'GGGG?GGGG?O__\?WccW?{GCw?Wcc{?Wcc~?Wcc{?~cc' .'W?')){$j=$_-63;++$a;for$p(0..7){$h[$p][$a]=$j%2;$j/=2}}for$ p(0..7){for$a(1..45){$_=($h[$p-1][$a])?'#':' ';print}print$/}

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://239478]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others wandering the Monastery: (8)
As of 2014-12-27 02:05 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    Is guessing a good strategy for surviving in the IT business?





    Results (176 votes), past polls