MySql database table destroyed

[igor berger]

Recently a session database table was destroyed on my phpBB forum!

 

I was able to restore the table from an earlier database dump.

I changed the databade user permissions not to allow DROP, this is a temporary hack at best.

 

I am consern that a hacker can be more sofisticated next time and delete database records.

 

1. Any suggestion to preventetive methods that can be used to prevent attack on the MySQL database?

 

I have noidea how this could have happened! There are no hidden Worms or Trojans on my server account, although it is a virtual server, so could have been attacked from another account on the server?

 

Changing the password will also help..

 

Any comments are welcomed.

 

[Daniel0]

Other VPSs cannot access your VPS, they run independently of each other. Are you sure it was a hacker and not some sort of bug? Was the table just truncated or dropped? They could have used SQL injection to do it through an insecure script.

[igor berger]

Sorry for coming back late on this. Now that I think about the table was destroyed, and I got some error that the table cannot be accessed. When I looked at the table there were no fields configured. It was ripped apart, sort of. Maybe it was some MySql bug, because if it was an injection, the table would have been truncated or dropped.

 

I do not have the exact error code! What do you think?