MySQL Shaving Detection Softwares?
 

Since Search is down.....

Can anyone list me a few mysql shaving-detection softwares out there?

I don't actually need it to check if sponsors are shaving, but I may have a use for it in checking whether employees change any mysql data in sensitive tables...

Thx

mmm, I don't know any, lets try Google.com! :Graucho

I keep coming up with sites about women shaving hehe

never heard of a software like this.

get a cheap slave and replicate the master db onto it.

for your purpose it could be the cheapest server available with just enough hd space

you should be the only one knowing the password to access the server.

install cronjobs that create frequent dumps of the db on this slave and you are on a very safe side.

Ok I see your idea, like a hidden backup server. We already have 9 DB servers using native mysql replication, one of them is the backup server...so we could restrict access to it.

What though, for instance, if my programmer changes some stats in accounts of our affiliate program, right before the payout script would run? The backup server solution won't help me out ;/

you are right .. but this would be a hassle for the admin .. he would need to set it back every time ..

have the payout cronjob starting at 5 am .. and the slave creates a dump at 4.59 am .. this would be the only way to cover the risk of temporary manipulation ..

another solution would be a monitoring script that creates a temp database that creates a snapshot x hours before payout and compares it with the table after payout ..

btw, if you use MySql for replication be sure to update to 4.0.20 ..

this bug caused me and many others a shitload of time :

http://bugs.mysql.com/bug.php?id=2886

Here's whree to start http://dev.mysql.com/doc/mysql/en/Binary_log.html It logs all updates to your databases. You can then build an app that validates the databases, for example does the payout match the total signups and were there any changes at the last minute.

Also if you're worried about your programmer, have another independent programmer audit the production code. Programmers can put some crazy stuff in their code if they think no one is looking

that's possible...currently we don't worry about it as only I and the owner have access, but we know someday we will need to delegate responsibility ot our team...that's why I wanted to checkout how these "detect mysql shaving" softwares worked...

Thx for the advice, Ive had that error before, but haven't had it in maybe 6 months now....replication been going smooth for us. I always think it's a good idea to upgrade to latest stables though =)

I'm waiting for MySQL's asynchronous replication. We were looking at using EMIC, but with MySQL's announcement we might as well wait for their own version

So you have a programmer you don't trust? If you can't trust him, why do you have him onboard?

jDoG

No as of yet we have no reason to not trust them, but no reason to trust them either.

We re-located to Costa Rica 7 months ago, and our 3 programmers have only been here 3-4 months. They've been working on a local intranet project as their test....

One day they will move to our real projects though ;>

Looking at that URL, thx.

We do have a process that all production code has to go through me, and all production code relating to money/processing goes through myself and my boss. That's been working well for no surprises. However once our staff has access to our production databases, they can change things directly in the DB...