Tag: security

Miscellaneous

Oracle Releases Database Security Assessment Tool: A New Weapon in the War to Protect Your Data

Evaluate your database security before hackers do it for you!! Today, we have guest blogger  –   Vipin Samar, Senior Vice President, Oracle Data is a treasure. And in my last 20 years of working in security, I’ve found that hackers have understood this better than many of the organizations that own and process the data. …

NoSQL MongoDB

Enabling IP Security for MongoDB 3.6 on Ubuntu

MongoDB 3.6 provides developers and DevOps professionals with a secure by default configuration that protects data from external threats by denying unauthorized access on a public network. MongoDB servers will now only listen for connections on the local host unless explicitly configured to listen on another address. This tutorial will briefly show you how to …

Miscellaneous

Five Data Management Predictions for 2018

By Dave Beulke, on January 10th, 2018 Happy New Year! I hope everyone has their 2018 filled with good health, happiness and prosperity. Once again I am offering you my data management predictions for 2018. Thank you all for great support in 2017 and countless emails regarding my conference, user group presentations and blogs last …

Security

Ransomware Attacks Against MySQL and How to Avoid Them

One of the biggest news stories of 2017 on the MySQL front was unfortunately not a good one.  In February, hundreds of MySQL databases were erased and replaced with a ransom demand for 0.2 bitcoin, or about $234 US dollars at the time.  At least it wasn’t as bad as the previous month, when tens …

Security

MySQL 8.0.4 RC: auth_socket Users Beware!

  The news that the latest MySQL 8.0.4 RC (release candidate) is available is indeed exciting. Unfortunately for users of the auth_socket plugin, dangers lie in wait! Back in November 2015, I reported Failure of auth_socket authentication with sha256_password as default. This prevents users that identify with the auth_socket plugin from logging in after SHA256 authentication has …

Clustering, Security

How to Secure Galera Cluster – 8 Tips

  As a distributed database system, Galera Cluster requires additional security measures as compared to a centralized database. Data is distributed across multiple servers or even datacenters perhaps. With significant data communication happening across nodes, there can be significant exposure if the appropriate security measures are not taken. In this blog post, we are going …

Performance

20-30% Performance Hit from the Spectre Bug Fix on Ubuntu

  In this blog post, we’ll look at the performance hit from the Spectre bug fix on Ubuntu. Recently we measured the performance penalty from the Meltdown fix on Ubuntu servers. It turned out to be negligible. Today, Ubuntu made a Spectre bug fix on Ubuntu available, shipped in kernel 4.4.0-112. As with the Meltdown …

Miscellaneous, Performance, Security

Does the Meltdown Fix Affect Performance for MySQL on Bare Metal?

In this blog post, we’ll look at does the Meltdown fix affect performance for MySQL on bare metal servers. Since the news about the Meltdown bug, there were a lot of reports on the performance hit from proposed fixes. We have looked at how the fix affects MySQL (Percona Server for MySQL) under a sysbench workload. …

Miscellaneous

ProxySQL Firewalling – Percona Database Performance Blog

  In this blog post, we’ll look at ProxySQL firewalling (how to use ProxySQL as a firewall). Not long ago we had an internal discussion about security, and how to enforce a stricter set of rules to prevent malicious acts and block other undesired queries. ProxySQL came up as a possible tool that could help us in …

Clustering, Security

ClusterControl Tips & Tricks: Securing your MySQL Installation (Updated)

  Requires ClusterControl 1.2.11 or later. Applies to MySQL based clusters. During the life cycle of Database installation it is common that new user accounts are created. It is a good practice to once in a while verify that the security is up to standards. That is, there should at least not be any accounts …