Showing entries 4541 to 4550 of 22622
« 10 Newer Entries | 10 Older Entries »
Displaying posts with tag: MySQL (reset)
Network attacks on MySQL, Part 2: SSL stripping with MySQL

Intro

In my previous blog post I told you to use SSL/TLS to secure your MySQL network connections. So I followed my advice and did enable SSL. Great!

So first let's quickly verify that everything is working.

So you enabled SSL with mysql_ssl_rsa_setup, used a OpenSSL based build or put ssl-cert, ssl-key and ssl-ca in the mysqld section of your /etc/my.cnf and now show global variables like 'have_SSL'; returns 'YES'.

And you have configured the client with --ssl-mode=PREFERRED. Now show global status like 'Ssl_cipher'; indicates the session is indeed secured.

You could also dump traffic and it looks 'encrypted' (i.e. not readable)...

With SSL enabled everything should be safe isn't it?

The handshake …

[Read more]
MariaDB 10.1.22 now available

The MariaDB project is pleased to announce the immediate availability of MariaDB 10.1.22. This is a Stable (GA) release. See the release notes and changelog for details. Download MariaDB 10.1.22 Release Notes Changelog What is MariaDB 10.1? MariaDB APT and YUM Repository Configuration Generator Thanks, and enjoy MariaDB!

The post MariaDB 10.1.22 now available appeared first on MariaDB.org.

How to store date, time, and timestamps in UTC time zone with JDBC and Hibernate

Introduction Dealing with time zones is always challenging. As a rule of thumb, it’s much easier if all date/time values are stored in the UTC format, and, if necessary, dealing with time zone conversations in the UI only. This article is going to demonstrate how you can accomplish this task with JDBC and the awesome … Continue reading How to store date, time, and timestamps in UTC time zone with JDBC and Hibernate →

TEXT and VARCHAR inefficiencies in your db schema

The TEXT and VARCHAR definitions in many db schemas are based on old information – that is, they appear to be presuming restrictions and behaviour from MySQL versions long ago. This has consequences for performance. To us, use of for instance VARCHAR(255) is a key indicator for this. Yep, an anti-pattern.

VARCHAR

In MySQL 4.0, VARCHAR used to be restricted to 255 max. In MySQL 4.1 character sets such as UTF8 were introduced and MySQL 5.1 supports VARCHARs up to 64K-1 in byte length. Thus, any occurrence of VARCHAR(255) indicates some old style logic that needs to be reviewed.

Why not just set the maximum length possible? Well…

A VARCHAR is subject to the character set it’s in, for UTF8 this means either 3 or 4 (utf8mb4) bytes per character can be used. So if one specifies VARCHAR(50) CHARSET utf8mb4, …

[Read more]
Percona XtraDB Cluster 5.6.35-26.20 is now available

Percona announces the release of Percona XtraDB Cluster 5.6.35-26.20 on March 10, 2017. Binaries are available from the downloads section or our software repositories.

Percona XtraDB Cluster 5.6.35-26.20 is now the current release, based on the following:

All Percona software is open-source and free. Details of this …

[Read more]
Troubleshooting MySQL access privileges issues: Q & A

In this blog, I will provide answers to the Q & A for the Troubleshooting MySQL Access Privileges Issues webinar.

First, I want to thank everybody for attending the February 23 webinar. The recording and slides for the webinar are available here. Below is the list of your questions that I wasn’t able to answer during the webinar, with responses:

Q: Should the root@localhost user be given ALL privileges or Super privileges? Does All include Super privileges also?

A: Yes, you should have a user with all privileges. Better if this …

[Read more]
Group Replication minimal SQL based configuration

So you’re interested in the “new” MySQL Group Replication feature but are concerned that configuring it is going to be difficult.  Let me soothe those concerns with this blog post.  Yes, the MySQL team has recently been discussing other methods to configure Group Replication using the RC release of MySQL Shell and how it can be used… Read More »

Network attacks on MySQL, Part 1: Unencrypted connections

Intro

In a set of blog posts I will explain to you how different attacks on the network traffic of MySQL look like and what you can do to secure your systems againt these kinds of attacks.

How to gain access

To gain access to MySQL network traffic you can use tcpdump, dumpcap, snoop or whatever the tool to capture network packets on your OS is. This can be on any device which is part of the connnection: the server, the client, routers, switches, etc.

Besides application-to-database traffic this attack can also be done on replication traffic.

Results

This allows you to extract queries and result sets.

The default password hash type mysql_new_password uses a nonce to protect against password sniffing. But when you change a password this will be sent accross the wire by default. Note that MySQL 5.6 and newer has …

[Read more]
Services Monitoring with Probabilistic Fault Detection

In this blog post, we’ll discuss services monitoring using probabilistic fault detection.

Let’s admit it, the task of monitoring services is one of the most difficult. It is time-consuming, error-prone and difficult to automate. The usual monitoring approach has been pretty straightforward in the last few years: setup a service like Nagios, or pay money to get a cloud-based monitoring tool. Then choose the metrics you are interested in and set the thresholds. This is a manual process that works when you have a small number of services and servers, and you know exactly how they behave and what you should monitor. These days, we have hundred of servers with thousands of services sending us millions of metrics. That is the first problem: the manual approach to configuration doesn’t work.

That is not the only problem. We know that no two servers perform the same because no two servers have exactly the …

[Read more]
MySQL InnoDB Cluster: Automated Installation with Puppet

We saw yesterday that the new MySQL Shell was out and how we could create a MySQL InnoDB Cluster manually using the Shell.

Today, I would like to show you how easy it is to create recipes to automate all the process. I have created a Puppet module that can be used as Proof-of-concept (You might need more features to use it in production, feel free to fork it).

The module can be found on this github repo.

When using Puppet, I really like to put all configuration in hiera.

Environment

We have 3 GNU/Linux servers: mysql1, mysql2 and mysql3.

We won’t install anything related to MySQL manually, everything will be handled by Puppet.

Nodes definition …

[Read more]
Showing entries 4541 to 4550 of 22622
« 10 Newer Entries | 10 Older Entries »