We did have AppDetective, though. We've run into many issues with getting AppDetective to audit LotusNotes databases, so I was a little worried. But, I'm happy to say that it was pretty straight forward and I got good results back.
To do this:
Fire up AppDetective
Add an application
- Fill out the DNS Name / IP Address
- On the Port tab, pick MySQL (and the correct version.) For my test I was able to leave the default port, but you could add the port if it is not on the default.
- On the platform tab, select the platform that the application is running on.
- On the Miscellaneous tab, I added the version of MySQL.
Expand the + signs until you reach your application.
Right-mouse click on the app, and pick Audit with....
then choose your audit policy
(Of course, you could run a Pen Test, or pick any number of audit policies.)
I chose Strict.
The AppDetectivePro - Run Audit window will pop up.
Right-mouse click in the username/password frame.
At this point, you can fill in the username and password combination that will grant you the access you need. I always test the DB connection, just to make sure every thing connects and works.
Click OK.
Then, click the Run Audit button to start the test.
If I've left anything out, leave it for me in the comments, and I'll update the post.
Hi, recently I've been requested to scan internal MySQL database and got an issue before run audit in AppDetective. Actually I do varous Oracle, MS SQL and Domino database audits for past 2 years and never tried to audit MySQL. My issue is related to ODBC driver, after discovering server I decide to check user credentials. I entered information and clicked to Test connection and I got message "Unable to find valid MySQL ODBC driver". I did not find info regarding it in your post and if you faced such message please share you experience.
ReplyDeleteThanks in advance.