Posts Tagged ‘MySQL Users Conference 2005’

MySQL UC — Call For Papers Still Open

Thursday, October 27th, 2005

TheOpenForce points out that the MySQL Users Conference Call For Papers is open through November 7th. I was at last year’s conference. It was quite enjoyable, lots of interesting talks and interesting people.

On another note the 2006 Southern California Linux Expo (SCALE 4x) is still open. It runs through November 20th.

SugarCRM 3 is Up

Wednesday, April 20th, 2005

The folks over at SugarCRM released their first beta of Sugar 3.0. Check it out. It adds e-mail campaigns, a new SOAP interface and forecasting. They also have it running here at the MySQL Users Conference, so if you have a minute, drop by their booth.

MySQL Security by John David Duncan

Wednesday, April 20th, 2005

John offers a broad overview of MySQL security. He does not cover everything, but provides a good intro for someone new to MySQL. Here are some notes from his talk:

Security Priorities:
– Data not stolen or tampered with.
– only access data that you’re authorized to access
– secure passwords

– host level security
– obviously don’t run MySQL as a privileged user.
– patch system regularly

– net security
– bind to localhost or use skip-networking unless you have remote clients
– firewalls
– use SSL
– what kind of load does this add?

– authentication in mysql
– 4.1 includes a new auth scheme with more secure password hashes.
– 4.1 supports old protocols, but the new protocol is highly recommended.
– SSL support from slaves to master, client to server, etc.
– GRANT can now allow you to require certs, issuers, specific ciphers, etc.
– limit connections, queries, reads, writes, etc. per hour.

views:
– you can create views so that a specific user only sees rows that meet his privs / restrictions.

– Groups / Roles, are recognized as necessary by MySQL developers. They hope to include them in 5.1, but make no guarantees.

– ideas for web app users:
– give each script/object/method its own user name so that, for security and logging reasons, you can tell which scripts did what and see who is connected
– interactive help now included in MySQL!
– ex: help grant types

– MySQL “worm” of Jan ’05
The MySQL worm would scan TCP port 3306 on the public net and then attempt to brute force root. It had a very small list of common passwords and managed to successfully connect to an alarming number of servers. The worm would then create a table with a blob column where it would insert the worm’s code. It would then dump itself to a DLL file and drop the table. Then, by creating a function, it could run itself via MySQL.

The worm did not last long, as the connecting zombies caused a DoS attack on the IRC servers where the zombied nodes were managed.

– MySQL 4.1 now includes features to make this more difficult:
– User defined functions must define and meet certain criteria or they will be considered “suspicious” and not run.
– root@ accounts were removed from Windows; no other distros ever had them.
– won’t let you use .. or other pathname info in the name of a shared object
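
The GRANT options, per-hour limits, per-script accounts and per-user views from the notes above, put together as an added example (not from the talk or the original post). The schema, account names, hosts, passwords and certificate fields are constructed placeholders, and the syntax assumes MySQL 5.7 or later, where these options moved from GRANT to CREATE USER.

```sql
-- Added example; every name, host, password and certificate field below
-- is a constructed placeholder. Syntax targets MySQL 5.7+/8.0.
CREATE DATABASE IF NOT EXISTS shop;
CREATE TABLE shop.orders (
  id    INT AUTO_INCREMENT PRIMARY KEY,
  owner VARCHAR(32)   NOT NULL,   -- MySQL account name that owns the row
  total DECIMAL(10,2) NOT NULL
);

-- One account per script, limited to the web tier's subnet, so the
-- processlist and logs show which script did what. No root, no '%' host.
CREATE USER 'checkout_php'@'10.0.0.%' IDENTIFIED BY 'CHANGE_ME-long-random-1'
  REQUIRE SSL
  WITH MAX_CONNECTIONS_PER_HOUR 600
       MAX_QUERIES_PER_HOUR 20000
       MAX_UPDATES_PER_HOUR 5000;

-- A remote client that must present a certificate from a specific issuer
-- and negotiate a specific cipher; a guessed password alone is not enough.
CREATE USER 'report_cron'@'192.0.2.10' IDENTIFIED BY 'CHANGE_ME-long-random-2'
  REQUIRE ISSUER  '/C=US/O=Example Corp/CN=Example Internal CA'
      AND SUBJECT '/C=US/O=Example Corp/CN=report_cron'
      AND CIPHER  'ECDHE-RSA-AES256-GCM-SHA384'
  WITH MAX_CONNECTIONS_PER_HOUR 12
       MAX_QUERIES_PER_HOUR 500;  -- a limit of 0 means "unlimited"

-- Row-level restriction: the view runs with its definer's rights, but
-- USER() still reports the connecting account, so each account sees
-- only the rows whose owner column matches its own user name.
CREATE SQL SECURITY DEFINER VIEW shop.my_orders AS
  SELECT id, total
    FROM shop.orders
   WHERE owner = SUBSTRING_INDEX(USER(), '@', 1);

-- The script account gets the view only, never the base table.
GRANT SELECT ON shop.my_orders TO 'checkout_php'@'10.0.0.%';
GRANT SELECT ON shop.orders    TO 'report_cron'@'192.0.2.10';

-- Check what was actually stored for each account.
SHOW GRANTS FOR 'checkout_php'@'10.0.0.%';
SELECT user, host, ssl_type, x509_issuer, ssl_cipher,
       max_questions, max_updates, max_connections
  FROM mysql.user
 WHERE user IN ('checkout_php', 'report_cron');
```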

Santa Clara CC Gets Busy

Wednesday, April 20th, 2005

I arrived at the MySQL show this morning and found that the place was jam packed with people. In addition to the 1300 MySQL users here for the conference, the TriCounty Apartments Association (?) was here too. The combination of the two shows has maxed out parking and made the hotel a lot busier. Anyways, off to some talks now.

Managing the LAMP Stack with OSS Tools

Tuesday, April 19th, 2005

Random notes from the LAMP (linux / apache / mysql / php) Management with OSS Tools talk by Yazz Atlas of OSTG

IDS:


Replacements to AIDE / Tripwire, which are easier to manage across many systems.
-Osiris – http://osiris.shmoo.com
-Samhain http://samhain.sf.net
– stealthy.
-can hide configs inside of a gif file
-can be renamed so that the binary is hidden, even hides strings, etc. so that it can’t be found via strace

Monitoring and Graphing
=======
– MRTG / RRDtool
– database load
– system load
– bandwidth usage

– Front ends to MRTG / RRDtool
– Munin
– Cacti