Secure File Privilege (7 replies)
Hello, I am attempting to write a stored procedure that calls a function to export data to a CSV. However, I want to change the folder to which the file is created. I've changed the secure_file_priv...
View ArticleDisable renegotiation (no replies)
Hello everyone, I'm currently looking into disabling TLS renegotiation. If possible I would like to disable all kinds : client/server initiated and secure/insecure. I am aware that using TLS 1.3 would...
View ArticleEnable SSL in MySQL (no replies)
Hi, I am trying to enable SSL in MySQL database. I am using the following command to enable the SSL but i am getting the error message. Can anyone help me in this regard. [root@localhost newcerts]#...
View ArticlePoorman’s MySQL table audit information (no replies)
Poorman’s MySQL table audit information - https://lefred.be/content/poormans-mysql-table-audit-information/ - https://lefred.be/content/poormans-mysql-table-audit-information-part-2/ -...
View ArticleMySQL login password encryption or config file usage (no replies)
Hi, I would like to sniff the password while connecting to MySQL 5.7.37. When I dump the workbench, it is clearly shows username and password. I tired mysql_config_editor to create a username and...
View ArticleAbout the underlying principles of AES_DECRYPT() and AES_ENCRYPT() (1 reply)
In the past two days, I have been testing the performance of Mysql using the AES_DECRYPT() and AES_ENCRYPT() functions. It is very slow when using Mysql for batch insertion. It takes 7 seconds for 100...
View ArticleOracle MySQL October 2021 Critical Patch Update (CPUOCT2021) (2 replies)
Hi, At my company, we scan servers for vulnerabilities with Qualys software. We have a server with 4 vulnerabilities related to: Oracle MySQL October 2021 Critical Patch Update (CPUOCT2021) Oracle...
View ArticleMySQL innodb_undo_log_encrypt not working (no replies)
I have set innodb_undo_log_encrypt=ON in /etc/mysql/mysql.conf.d/encryption.cnf under the [mysqld] section but it appears to not be working. Am I just misreading the output below? Other InnoDB tables...
View ArticleHow do I enable MySQL undo log encryption? (no replies)
I have set innodb_undo_log_encrypt=ON in /etc/mysql/mysql.conf.d/encryption.cnf under the [mysqld] section but it appears to not be working. Am I just misreading the output below? Other InnoDB tables...
View ArticleClear text password (3 replies)
I'm using programmable logic controller (PLC) to communicate with MySQL (Community Edition) with Client/server TCP/IP Protocol but the PLC does not support cryptographic function. Is it possible to...
View ArticleMySQL Enterprise Authentication (no replies)
Docs: - https://dev.mysql.com/doc/refman/8.0/en/authentication-plugins.html Blogs: - https://blogs.oracle.com/mysql/post/mysql-enterprise-security-4-new-authentication-methods
View ArticleMySQL native authentication (3 replies)
Hello everyone Regarding the native authentication mechanism of MySQL server, I see that it use the hashing function SHA1....
View ArticleNIST Retires SHA-1 Cryptographic Algorithm (no replies)
============== NIST Retires SHA-1 Cryptographic Algorithm - https://www.nist.gov/news-events/news/2022/12/nist-retires-sha-1-cryptographic-algorithm discussion: -...
View ArticleMySQL Connection Control (no replies)
MySQL Connection Control - https://blogs.oracle.com/mysql/post/mysql-connection-control
View ArticleGROUP_REPLICATION and SSL Configuring Issues (no replies)
Hello! Hopefully it's just not me but getting TLS/SSL to work with GROUP_REPLICATION is not easy and would like some assistance. I have a 3 node group_replication with single-primary, v8.0.32 mysql....
View ArticleWorkbench and PHP PDO security (no replies)
Is connection between MySQL Workbench and remote MySQL server encrypted? If I use PHP PDO to connect to remote MySQL server, are username and password and queries encrypted?
View ArticleMySQL 5.6 sha256 authentication (2 replies)
Hello all I see that the sha256 authentication mechanism was introduced in MySQL 5.6 but since the link to access the release notes is not working, I am not sure what was the exact version in which it...
View ArticleGenerate Auth Token using RestAPI on CyberArk (1 reply)
I am writing a python program that can login to my CyberArk using my username, password and Radious OTP and generate a temporary auth token, that i can use in other function. Can anyone please tell me...
View ArticleMySQL 8.0.33 Enterprise Edition: Data Masking Component (no replies)
MySQL 8.0.33 Enterprise Edition: Data Masking Component MySQL Enterprise Edition now provides data masking and de-identification capabilities based on components, rather than being based on a plugin...
View ArticleMySQL Enterprise Data Masking and De-Identification (no replies)
MySQL 8.0: Masking - https://blogs.oracle.com/mysql/post/explore-the-new-mysql-enterprise-data-masking-and-deidentification-features -...
View Article