This Thursday (February 25th, 13:00 UTC - way earlier than usual!), Darren Cassar will present Securich - Security Plugin for MySQL. According to Darren, the author of the plugin, Securich is an incredibly handy and versatile tool for managing user privileges on MySQL through the use of roles. It basically makes granting and revoking rights a piece of cake, not to mention added security it provides through password expiry and password history, the customization level it permits, the fact that it runs on any MySQL 5.0 or later and it's easily deployable on any official MySQL binary, platform independent.
More information here: http://www.securich.com/about.html.

For MySQL University sessions, point your …

This Thursday (February 25th, 13:00 UTC - way earlier than usual!), Darren Cassar will present Securich - Security Plugin for MySQL. According to Darren, the author of the plugin, Securich is an incredibly handy and versatile tool for managing user privileges on MySQL through the use of roles. It basically makes granting and revoking rights a piece of cake, not to mention added security it provides through password expiry and password history, the customization level it permits, the fact that it runs on any MySQL 5.0 or later and it's easily deployable on any official MySQL binary, platform independent.
More information here: http://www.securich.com/about.html.

For MySQL University sessions, point your …

How To Set Up MySQL Database Replication With SSL Encryption On Ubuntu 9.10

This tutorial describes how to set up database replication in MySQL using an SSL connection for encryption (to make it impossible for hackers to sniff out passwords and data transferred between the master and slave). MySQL replication allows you to have an exact copy of a database from a master server on another server (slave), and all updates to the database on the master server are immediately replicated to the database on the slave server so that both databases are in sync. This is not a backup policy because an accidentally issued DELETE command will also be carried out on the slave; but replication can help protect against hardware failures though.

It’s worth noting that if you’re using MySQL 5.0/5.1, with SSL enabled, and you’re using yaSSL as opposed to OpenSSL, you’re vulnerable to CVE-2009-4484. Its a buffer overflow, that works over TCP, via the MySQL port, 3306. Lenz furnished us with some information, and the patch is available. You’ll see this rocking when MySQL 5.1.43 gets released.

It affects Debian (presumably, it will also affect Ubuntu). Red Hat/CentOS is spared, because instead of using yaSSL, OpenSSL is used.

MariaDB …

Reminder, mark you callendar:

Wednesday January 27th, Join the Sun Startup Essentials Webinar on  Security for Web Applications.

A key success factor for Web startups is to protect their applications and data from different security threats. Join this webinar to learn about security challenges and about key solutions such as encryption, authentication, certificates, secure and fault-tolerant storage, chrooted environments. The Sun Startup Essentials experts will also cover how to implement these solutions at minimal cost by using standard and open components such as Solaris, Apache, MySQL, ZFS and more.

Registration limited to members of the Sun Startup Essentials program.

Your company is less than 6 year and  150 employee: Join Sun Startup Essentials >>

Reminder, mark you callendar:

Wednesday January 27th, Join the Sun Startup Essentials Webinar on  Security for Web Applications.

A key success factor for Web startups is to protect their applications and data from different security threats. Join this webinar to learn about security challenges and about key solutions such as encryption, authentication, certificates, secure and fault-tolerant storage, chrooted environments. The Sun Startup Essentials experts will also cover how to implement these solutions at minimal cost by using standard and open components such as Solaris, Apache, MySQL, ZFS and more.

Registration limited to members of the Sun Startup Essentials program.

Your company is less than 6 year and  150 employee: Join Sun Startup Essentials >>

Reminder, mark you callendar:

Wednesday January 27th, Join the Sun Startup Essentials Webinar on  Security for Web Applications.

A key success factor for Web startups is to protect their applications and data from different security threats. Join this webinar to learn about security challenges and about key solutions such as encryption, authentication, certificates, secure and fault-tolerant storage, chrooted environments. The Sun Startup Essentials experts will also cover how to implement these solutions at minimal cost by using standard and open components such as Solaris, Apache, MySQL, ZFS and more.

Registration limited to members of the Sun Startup Essentials program.

Your company is less than 6 year and  150 employee: Join Sun Startup Essentials >>

ezNcrypt offers a table level transparent data encryption solution for MySQL. This technology is purely declarative which mean you declare tables or database you want to encrypt. You then have nohing more to care about. What is nice with ezncrypt is that only the mysqld process can encrypt/decrypt the data. A set o UDF functions have been added to handle that. The key management allows to store the key locally or remotely.

Chrooted environments are known to greatly improve system and application security by providing them with a higher degree of isolation. The objective is to separate as much as possible from other executables and resources the runtime environment of an application so that if a hacker get access to it,the rest of the system is not compromised. This technic is commonly used with MySQL.

Traditionally, the chrooting applies at the file system level, by creating a separated and minimal operating system disk-image.  The operation consists in creating a set of directories (such a /chroot/etc, /chroot/tmp, /chroot/var/tmp, /chroot/usr/local/mysql etc.) and duplicate a minimal number of binary and configuration files into this new directory tree. After setting the right permissions on the new directories, the chrootuid utility is used to execute the application in the restricted environment. …

Chrooted environments are known to greatly improve system and application security by providing them with a higher degree of isolation. The objective is to separate as much as possible from other executables and resources the runtime environment of an application so that if a hacker get access to it,the rest of the system is not compromised. This technic is commonly used with MySQL.

Traditionally, the chrooting applies at the file system level, by creating a separated and minimal operating system disk-image.  The operation consists in creating a set of directories (such a /chroot/etc, /chroot/tmp, /chroot/var/tmp, /chroot/usr/local/mysql etc.) and duplicate a minimal number of binary and configuration files into this new directory tree. After setting the right permissions on the new directories, the chrootuid utility is used to execute the application in the restricted environment. …