Buy Percona ServicesBuy Now!

How to Setup and Troubleshoot Percona PAM with LDAP for External Authentication

 | April 21, 2017 |  Posted In: Insight for DBAs, MySQL, Security

Percona Server for MySQL 5.7.18-15

In this blog, we’ll look at how to setup and troubleshoot the Percona PAM authentication plugin. We occasionally get requests from our support clients on how to get Percona Server for MySQL to authenticate with an external authentication service via LDAP or Active Directory. However, we normally do not have access to client’s infrastructure to […]

Read More

Enabling Percona XtraDB Cluster SST Traffic Encryption

 | April 21, 2017 |  Posted In: Percona XtraDB Cluster, Security, XtraDB Cluster

wsrep-stages

In this blog post, we’ll look at enabling Percona XtraDB Cluster SST Traffic Encryption, and some of the changes to the SSL-based encryption of SST traffic in Percona XtraDB Cluster 5.7.16. Some background Percona XtraDB Cluster versions prior to 5.7 support encryption methods 0, 1, 2 and 3: encrypt = 0 : (default) No encryption encrypt […]

Read More

Percona Server for MongoDB: Dashing New LDAP Authentication Plugin

 | March 16, 2017 |  Posted In: MongoDB, Security, Solutions Engineering

LDAP Authentication

This blog post is another in the series on the Percona Server for MongoDB 3.4 bundle release. In this blog, we’ll look at the new LDAP authentication plugin.  Hear ye, hear ye, hear ye… With the arrival of version 3.4, Percona has included an LDAP plugin in Percona Server for MongoDB. Authentication is an essential […]

Read More

MongoDB Audit Log: Why and How

 | March 3, 2017 |  Posted In: MongoDB, Percona Server for MongoDB, Security

MMAPv1

This blog post is another in the series on the Percona Server for MongoDB 3.4 bundle release. In this blog post, we’ll talk about the MongoDB audit log. Percona’s development team has always invested in the open-source community a priority – especially for MongoDB. As part of this commitment, Percona continues to build MongoDB Enterprise […]

Read More

MySQL Ransomware: Open Source Database Security Part 3

and  | February 27, 2017 |  Posted In: MySQL, Security

MySQL Ransomware

This blog post examines the recent MySQL® ransomware attacks, and what open source database security best practices could have prevented them. Unless you’ve been living under a rock, you know that there has been an uptick in ransomware for MongoDB and Elasticsearch deployments. Recently, we’re seeing the same for MySQL. Let’s look and see if this is MySQL’s […]

Read More

Webinar Thursday, February 23, 2017: Troubleshooting MySQL Access Privileges Issues

 | February 22, 2017 |  Posted In: MySQL, Security, Technical Webinars

Troubleshooting MySQL Access Privileges

Please join Sveta Smirnova, Percona’s Principal Technical Services Engineer, as she presents Troubleshooting MySQL Access Privileges Issues on February 23, 2017 at 11:00 am PST / 2:00 pm EST (UTC-8). Do you have registered users who can’t connect to the MySQL server? Strangers modifying data to which they shouldn’t have access? MySQL supports a rich […]

Read More

Docker Security Vulnerability CVE-2016-9962

 | January 31, 2017 |  Posted In: Docker, Events and Announcements, MongoDB, MySQL, PMM, Security

CVE-2016-9962

Docker 1.12.6 was released to address CVE-2016-9962. CVE-2016-9962 is a serious vulnerability with RunC. Quoting the coreos page (linked above): “RunC allowed additional container processes via runc exec to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new […]

Read More

CVE-2016-6225: Percona Xtrabackup Encryption IV Not Being Set Properly

and  | January 12, 2017 |  Posted In: MySQL, Security

Pepper.com

If you are using Percona XtraBackup with xbcrypt to create encrypted backups, and are using versions older than 2.3.6 or 2.4.5, we advise that you upgrade Percona XtraBackup. Note: this does not affect encryption of encrypted InnoDB tables. CVE-2016-6225 Percona XtraBackup versions older than 2.3.6 or 2.4.5 suffered an issue of not properly setting the Initialization Vector (IV) for […]

Read More