Tag - security

Setting up MongoDB with Member x509 auth and SSL + easy-rsa

MongoDB Member with x509 auth

Hi everyone! This is one of the most requested subjects to our support team and I’d like to share the steps as a tutorial blog post. Today, we will set up internal authentication using x.509 certificates as well as enabling TSL/SSL.
If using authentication in MongoDB, there are two ways to configure intra-cluster authentication:

Using a […]

Read more

Incident Involving Percona Forums on September 24, 2019

Summary
On September 24, 2019, Percona’s IT and IT Security teams were made aware of a denial of service attack on www.percona.com/forums. We use vBulletin to host Percona Forums, which was subjected to a zero-day pre-authentication remote code execution. This vulnerability potentially allows an unauthenticated attacker to remotely execute code on, or possibly complete control […]

Read more

Another Day, Another Data Leak

another day another data leak Exactis

In the last few days, there has been information released about yet another alleged data leak, placing in jeopardy “…[the] personal information on hundreds of millions of American adults, as well as millions of businesses.” In this case, the “victim” was Exactis, for whom data collection and data security are core business functions.
Some takeaways […]

Read more

PXC loves firewalls (and System Admins loves iptables)

PXC and setting firewalls using iptables

Let them stay together.
In the last YEARS, I have seen quite often that users, when installing a product such as PXC, instead of spending five minutes to understand what to do just run
iptables -F  and save.
In short, they remove any rules for their firewall.
With this post, I want to show you how easy […]

Read more