加密C#和mysql之间的数据流量 [英] Encrypt data traffic between c# and mysql
问题描述
我在C#.Net中有一个Windows应用程序,它使用mysql数据库存储数据. Mysql DB和Windows应用程序在同一台计算机上.我正在对系统进行安全审核,要求之一是对C#和Mysql之间的所有通信进行加密.我已经实现了openssl并且连接已经加密,但是我还需要加密c#和mysql之间的数据通信.例如,当从c#执行插入查询时,数据包软件(echo mirage)显示明文(带有数据的整个插入查询)可能是我的c#应用程序使用硬代码查询而不是存储过程的原因.如何加密流量?请帮助
I have a windows application in C#.Net which uses mysql database to store data. Mysql DB and windows application are on the same machine. I am working through a security audit for a system at my work and one of the requirements is to encrypt all traffic between C# and Mysql. I have already implemented openssl and the connection has now encrypted but I also need to encrypt the Data traffic between c# and mysql. For e.g when the insert query executes from c#, the packet software (echo mirage) shows clear text(whole insert query with data) may be the reason is my c# application is using hardcode queries instead of stored procedures. How can I encrypt the traffic? Please help
推荐答案
如果您的要求之一是加密C#和Mysql之间的所有流量",那么我建议您设置
If one of your requirements is "to encrypt all traffic between C# and Mysql", then I would recommend setting the require_secure_transport
system variable (on your MySQL Server) to 1. This will prevent any insecure connections from being created at all.
You will also need to configure your MySQL Server to use SSL, as per this tutorial (which you referenced in the comments).
在C#程序中,确保连接字符串中有SslMode=Required
.这样可以确保C#和MySQL之间的所有流量,包括查询和响应,都经过加密(除了在连接开始时进行的简短的纯文本握手之外).
In your C# program, make sure you have SslMode=Required
in your connection string. This will ensure that all traffic between C# and MySQL, including queries and responses, is encrypted (apart from a short plaintext handshake at the very beginning of a connection).
完成此操作后,Echo Mirage(或任何网络数据包捕获工具)将无法在网络上读取查询的纯文本.
Once this is done, Echo Mirage (or any network packet capture tool) will not be able to read the plain text of queries on the wire.
这篇关于加密C#和mysql之间的数据流量的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!