Security Precautions Of Using Monet DB
Hi,

I have started using MonetDB in our development environment, and we decided to move this to our production environment. Before deploying into the production environment, I want to know about existing security vulnerabilities and the precautions to take when using MonetDB. I searched www.monetdb.org, but I haven't found what I need. Could you please suggest any security advisory documents or a help guide? I can't find anything in the nvd.nist.gov vulnerability database.

--
Regards,
Kannan RBK
Hello Kannan,
On 13 Nov 2014, at 10:58, kannan rbk wrote:
I have started using MonetDB in our development environment, and we decided to move this to our production environment. Before deploying into the production environment, I want to know about existing security vulnerabilities and the precautions to take when using MonetDB.
In general, any database should not be directly accessible by anything else but the application using it. So in the case of MonetDB, it would be a bad idea to open the MAPI port (usually 50000) to the outside.

On the application layer, allowing users to manipulate SQL queries is also dangerous due to SQL injection attacks. A common workaround would be the use of prepared statements.

Hope this helps,
Hannes
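The contrast described in the reply above, as an added example that is not part of the original thread: the same lookup built by string concatenation and with a bound parameter. Python's built-in sqlite3 stands in for a MonetDB connection so the code runs offline; the table, rows and function names are constructed for illustration.

```python
import sqlite3

# Assumption: sqlite3 stands in for the MonetDB connection so this runs offline.
# The accounts table, its rows and all function names are constructed for illustration.
ROWS = [("alice", "a-secret"), ("bob", "b-secret"), ("o'brien", "c-secret")]


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE accounts (name TEXT, secret TEXT)")
    conn.executemany("INSERT INTO accounts VALUES (?, ?)", ROWS)
    return conn


def lookup_concatenated(conn, name):
    # Vulnerable pattern: the input is pasted into the SQL text, so quote
    # characters in it change the structure of the statement.
    query = "SELECT name, secret FROM accounts WHERE name = '" + name + "'"
    return conn.execute(query).fetchall()


def lookup_prepared(conn, name):
    # Hardened pattern: the SQL text is fixed and the input is bound as data.
    query = "SELECT name, secret FROM accounts WHERE name = ?"
    return conn.execute(query, (name,)).fetchall()


def compare(user_input):
    """Return (concatenated_result, prepared_result); None marks a query that failed to parse."""
    conn = make_db()
    try:
        try:
            concatenated = lookup_concatenated(conn, user_input)
        except sqlite3.OperationalError:
            concatenated = None  # the input broke the statement's syntax
        return concatenated, lookup_prepared(conn, user_input)
    finally:
        conn.close()


if __name__ == "__main__":
    for value in ("alice", "o'brien", "x' OR '1'='1"):
        concatenated, prepared = compare(value)
        print(f"{value!r}: concatenated={concatenated} prepared={prepared}")
```

With a MonetDB driver the placeholder syntax may differ from `?`; what matters is that the value is passed separately from the SQL text.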
Thank you for giving me your valuable time.
Is there any way to audit remote logins? It will help us to monitor
failed logins and track hacking attempts.
Regards,
Kannan RBK
-- Regards, Bharathikannan R