Prior to MySQL 5.7 client communications with a MySQL instance
were unencrypted by default. This plaintext capability allowed
for various tools including pt-query-digest to analyze TCP/IP
traffic. Starting with MySQL 5.7 SSL is enabled by default and
will be used in client communications if SSL is detected on the
We can detect and confirm this easily with the
Default client connection traffic (5.6)
On a MySQL 5.6 server we monitor the default MySQL port traffic.
mysql56$ sudo ngrep -d eth1 -wi -P ' ' -W single -l port 3306
interface: eth1 (192.168.42.0/255.255.255.0)
filter: ( port 3306 ) and ((ip || ip6) || (vlan && (ip || ip6)))
We connect to this server using TCP/IP.
host$ mysql -uexternal -p -h192.168.42.16
mysql56> select 'unencrypted';
We can observe the communication to and from the server (in this
example 192.168.42.16) is …[Read more]