Tag: security

Security

MySQL Security – Password Validation Plugin

When thinking about security within a MySQL installation, you should consider a wide range of possible procedures / best practices and how they affect the security of your MySQL server and related applications. MySQL provides many tools / features / plugins in order to protect your data including some advanced features like Transparent Data Encryption …

Miscellaneous

How to Secure your PostgreSQL Database – 10 Tips

Once you have finished the installation process of your PostgreSQL database server it is necessary to protect it before going into production. In this post, we will show you how to harden the security around your database to keep your data safe and secure. 1. Client Authentication Control When installing PostgreSQL a file named pg_hba.conf …

Clustering

Percona XtraDB Cluster and SELinux: Getting It To Work

In this blog post, I’ll look at how to make Percona XtraDB Cluster and SELinux work when used together. Recently, I encountered an issue with Percona XtraDB Cluster startup. We tried to setup a three-node cluster using Percona XtraDB Cluster with a Vagrant CentOS box, but somehow node2 was not starting. I did not get enough …

Miscellaneous

Oracle Releases Database Security Assessment Tool: A New Weapon in the War to Protect Your Data

Evaluate your database security before hackers do it for you!! Today, we have guest blogger  –   Vipin Samar, Senior Vice President, Oracle Data is a treasure. And in my last 20 years of working in security, I’ve found that hackers have understood this better than many of the organizations that own and process the data. …

NoSQL MongoDB

Enabling IP Security for MongoDB 3.6 on Ubuntu

MongoDB 3.6 provides developers and DevOps professionals with a secure by default configuration that protects data from external threats by denying unauthorized access on a public network. MongoDB servers will now only listen for connections on the local host unless explicitly configured to listen on another address. This tutorial will briefly show you how to …

Miscellaneous

Five Data Management Predictions for 2018

By Dave Beulke, on January 10th, 2018 Happy New Year! I hope everyone has their 2018 filled with good health, happiness and prosperity. Once again I am offering you my data management predictions for 2018. Thank you all for great support in 2017 and countless emails regarding my conference, user group presentations and blogs last …

Security

Ransomware Attacks Against MySQL and How to Avoid Them

One of the biggest news stories of 2017 on the MySQL front was unfortunately not a good one.  In February, hundreds of MySQL databases were erased and replaced with a ransom demand for 0.2 bitcoin, or about $234 US dollars at the time.  At least it wasn’t as bad as the previous month, when tens …

Security

MySQL 8.0.4 RC: auth_socket Users Beware!

  The news that the latest MySQL 8.0.4 RC (release candidate) is available is indeed exciting. Unfortunately for users of the auth_socket plugin, dangers lie in wait! Back in November 2015, I reported Failure of auth_socket authentication with sha256_password as default. This prevents users that identify with the auth_socket plugin from logging in after SHA256 authentication has …

Clustering, Security

How to Secure Galera Cluster – 8 Tips

  As a distributed database system, Galera Cluster requires additional security measures as compared to a centralized database. Data is distributed across multiple servers or even datacenters perhaps. With significant data communication happening across nodes, there can be significant exposure if the appropriate security measures are not taken. In this blog post, we are going …

Performance

20-30% Performance Hit from the Spectre Bug Fix on Ubuntu

  In this blog post, we’ll look at the performance hit from the Spectre bug fix on Ubuntu. Recently we measured the performance penalty from the Meltdown fix on Ubuntu servers. It turned out to be negligible. Today, Ubuntu made a Spectre bug fix on Ubuntu available, shipped in kernel 4.4.0-112. As with the Meltdown …