Password Reset

I recieved a call from a client saying the web site did not work, turns out
the database password was reset, and not by me. In looking in the DB after
the PW was reset, I could find nothing out of place, although frankly I was
not sure what to look for.

Is this indicitive of an attack? Is this something to worry about? I had
(or so I assumed) plenty of protections on the files, including one of the
more popular anit-spam/injection attack systems.

Any guidance on this would be appriciated.

--
Gary



__________ Information from ESET Smart Security, version of virus signature database 5708 (20101216) __________

The message was checked by ESET Smart Security.

http://www.eset.com





--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/mysql?unsub=gcdmg-mysql-2@m.gmane.org

Re: Password Reset

--00163628516803c3ef04978d5120
Content-Type: text/plain; charset=ISO-8859-1

SQL injection? Check Apache or whatever log files.

On Thu, Dec 16, 2010 at 4:17 PM, Gary wrote:

> I recieved a call from a client saying the web site did not work, turns out
> the database password was reset, and not by me. In looking in the DB after
> the PW was reset, I could find nothing out of place, although frankly I was
> not sure what to look for.
>
> Is this indicitive of an attack? Is this something to worry about? I had
> (or so I assumed) plenty of protections on the files, including one of the
> more popular anit-spam/injection attack systems.
>
> Any guidance on this would be appriciated.
>
> --
> Gary
>
>
>
> __________ Information from ESET Smart Security, version of virus signature
> database 5708 (20101216) __________
>
> The message was checked by ESET Smart Security.
>
> http://www.eset.com
>
>
>
>
>
> --
> MySQL General Mailing List
> For list archives: http://lists.mysql.com/mysql
> To unsubscribe: http://lists.mysql.com/mysql?unsub=alejandrob@olx.com
>
>


--


Infrastructure Team

OLX Inc.

Buenos Aires - Argentina
Phone : 54.11.4775.6696
Mobile : 54.911.50436059
Email: alejandrob@olx.com

--00163628516803c3ef04978d5120--

Re: Password Reset

--0022152d604d9a1785049797dfea
Content-Type: text/plain; charset=ISO-8859-1

Change password statements should show up in the binary logs, too, in some
form or other.

On Thu, Dec 16, 2010 at 9:58 PM, Alejandro Bednarik wrote:

> SQL injection? Check Apache or whatever log files.
>
> On Thu, Dec 16, 2010 at 4:17 PM, Gary wrote:
>
> > I recieved a call from a client saying the web site did not work, turns
> out
> > the database password was reset, and not by me. In looking in the DB
> after
> > the PW was reset, I could find nothing out of place, although frankly I
> was
> > not sure what to look for.
> >
> > Is this indicitive of an attack? Is this something to worry about? I
> had
> > (or so I assumed) plenty of protections on the files, including one of
> the
> > more popular anit-spam/injection attack systems.
> >
> > Any guidance on this would be appriciated.
> >
> > --
> > Gary
> >
> >
> >
> > __________ Information from ESET Smart Security, version of virus
> signature
> > database 5708 (20101216) __________
> >
> > The message was checked by ESET Smart Security.
> >
> > http://www.eset.com
> >
> >
> >
> >
> >
> > --
> > MySQL General Mailing List
> > For list archives: http://lists.mysql.com/mysql
> > To unsubscribe: http://lists.mysql.com/mysql?unsub=alejandrob@olx.com
> >
> >
>
>
> --
>
>
> Infrastructure Team
>
> OLX Inc.
>
> Buenos Aires - Argentina
> Phone : 54.11.4775.6696
> Mobile : 54.911.50436059
> Email: alejandrob@olx.com
>



--
Bier met grenadyn
Is als mosterd by den wyn
Sy die't drinkt, is eene kwezel
Hy die't drinkt, is ras een ezel

--0022152d604d9a1785049797dfea--