Corruption of server-mounted database

Question

Corruption of server-mounted database

Navigation

#1 by (2 votes)

0

I am receiving an advanced PHP programming course in a mini-company that has two servers:

MAIN: contains the main programs
DEVELOPMENT: here the systems are improved and then the main one is uploaded

There are five computers and five people who work and apart from the administrator of the phpmyadmin and, if applicable, the servers, it controls all the phpmyadmin access of the users that there are, to the main database.

The following happens, there is a system that was saving user records and a lot of data from them, they went around 80000 records, the system was updated about 1 month ago and it continued to work fine, 3 days ago, the table started to give problems, when you wanted to go to the last record I took you out of PHPmyAdmin, here it was thought that they were privileges, but all had full access, even by PHPmyAdmin you could insert data but not see them, the system started to throw errors of MySQL, number 2013

I was reading and that happens

because the response time runs out
access problems or firewall.

All PCs have access, the firewall is disabled, the waiting time has been changed to a larger one.

There is another system that makes queries of even 60 fields, this system only has 17.

The other table closes alone more or less in half or a quarter of the registers, that is to say it reaches 30,000 and leaves.

Apparently the database was corrupted, but only the administrator that I told them has access, could he have done something, or in what way could this database have been corrupted.

I say this because I also had time doing SQL INYECTION tests on that system, because the update discovered some failures, it also showed interest on their part to show that the creator of that system did not have sufficient capacity and knowledge.

It should be noted that the day we realized that the system was failing, that same day they made a backup to all systems which was not programmed

• I would like to know how the table could be repaired

• It is possible to access the Xamp folder, mysql and copy everything

• How to know if it was an SQL attack

I know that the question can enter into opinions, but I would like to know a process that more or less could apply.

mysql

asked by Victor Alvarado 17.03.2017 в 14:54

source

1 answer

JTableHeader Netbeans [closed] Back to erase subviews of a TableView after a reload?

score 2 · Accepted Answer

Your question is too broad and it is difficult to give a definitive answer to such a complex problem.

As you say, maybe the BD has been corrupted, maybe it received an SQL injection attack, maybe the DB is badly designed (badly placed indexes, redundant data, etc), this last one is very frequent, that is, a bad design conceived works well but when the data starts to grow you have errors of type 2013 ... because there is a lot of data and they are not being managed in the best way. Or simply it's a problem of the PhpMyAdmin and not the data!

First of all, make a current copy of your data and do not trash the previous copies.

Then start to analyze the BD, maybe starting with the last thing I said.

To purge that it is not simply an interface problem, some error of the PHPMyAdmin, to create a php test file that makes any of those queries that are giving you problems and checking if they are executed satisfactorily or you are not evaluating a possible problem which does not really have anything to do with your data. That is, evaluate first if the current problem does not come from something that is external to your data.

Then if you verify that everything that is external works well, go on to analyze your data. The law starts at home , they say. So, before thinking about a hacker, think about a possible bad design of the BD that worked well for a while, but now it does not because it is large and must already do handles that are painful because of a bad design .

For example:

What happens if you do one of those queries in which the DB gives error 2013 putting in front EXPLAIN ? Imagine that this query is poorly written, or that the indexes are wrong and the system instead of a row is reading 80,000

In that sense, EXPLAIN could be interesting for your case. I leave this link , in case you want to explore that possibility.

If the design is optimized, normalized and the queries well written, then you should start exploring other causes, always going from the most particular to the general. That is, the problem is sometimes on our part that we are the ones who manipulate the machines. How have we designed, stored, consulted this data? Sometimes we do not do it in the best way and that's why the system complains. How have we secured them so there are no attacks? ... It is necessary to ask many questions and go answering them with concrete analyzes until finding the cause.