Tuesday, October 28, 2014

Mysql TLSv1 capture using Wireshark

I installed mysql and enabled SSL on it. And I was just wondering how to see if the encryption is really working. I dont know what SSL protocol mysql uses for encryption.

So I started wireshark and captured login using a remote machine.

The default capture will show you the protocol as mysql,




but inorder to see the SSL/TLS you need to decode the packets as SSL. The SSL handshake does not occur first, but is followed after a few mysql packet exchanges.


[Ubuntu 14.04] mysql with SSL: ERROR 2026 (HY000): SSL connection error: protocol version mismatch


I was trying to enable SSL on mysql in Ubuntu 14.04 and it was not easy.

1. Install simply, apt-get install mysql-client mysql-server and set a strong root password.
2. Generate openssl certs and enable SSL configurations in /etc/mysql/my.cnf like this:

#For the client: (localhost only)

[client]
port            = 3306
socket          = /var/run/mysqld/mysqld.sock
ssl=1
ssl-ca          = /etc/mysql/ca-cert.pem

[mysqld]
....
ssl=1
ssl-ca=/etc/mysql/ca-cert.pem
ssl-cert=/etc/mysql/server-cert.pem
ssl-key=/etc/mysql/server-key.pem
ssl-cipher=DHE-RSA-AES256-SHA

Restart mysql, thats it. But while trying to connect (mysql -u root -p), I faced an error:

ERROR 2026 (HY000): SSL connection error: protocol version mismatch

Later I figured out, it was due to Bad certificates (well kind of..),

So generate the certificates using the commands here:
http://askubuntu.com/questions/194074/enabling-ssl-in-mysql

Once you connect, you can /s to confirm that your cipher is on:

--------------------------------------------------------------------------------------------

mysql -u root -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 36
Server version: 5.5.38-0ubuntu0.14.04.1 (Ubuntu)

Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> \s
--------------
mysql  Ver 14.14 Distrib 5.5.38, for debian-linux-gnu (i686) using readline 6.3

Connection id: 36
Current database:
Current user: root@localhost
SSL: Cipher in use is DHE-RSA-AES256-SHA
Current pager: stdout
Using outfile: ''
Using delimiter: ;
Server version: 5.5.38-0ubuntu0.14.04.1 (Ubuntu)
Protocol version: 10
Connection: Localhost via UNIX socket
Server characterset: latin1
Db     characterset: latin1
Client characterset: utf8
Conn.  characterset: utf8
UNIX socket: /var/run/mysqld/mysqld.sock
Uptime: 11 days 1 hour 4 min 49 sec

Threads: 1  Questions: 109  Slow queries: 0  Opens: 171  Flush tables: 1  Open tables: 41  Queries per second avg: 0.000
--------------

mysql>

--------------------------------------------------------------------------------------------

Now if you want to see mysql SSL in action using wireshark,

http://rhosted.blogspot.in/2014/10/mysql-tlsv1-capture-using-wireshark.html

More references:
http://askubuntu.com/questions/194074/enabling-ssl-in-mysql

Saturday, October 18, 2014

Eclipse plugin list

1. Python development

pydev - Python development on eclipse.



http://pydev.org/


2. Shell script development

http://sourceforge.net/projects/shelled/

Yeah, I know what you have been thinking. IDE for shell scripts, vi or the Linux editors are the best thing to write a shell script. However, if you want to keep a project like structure for shell scripts for reference and to show or explain the shell script to anyone, this eclipse editor comes in handy. Not a replacement for vi though. Another limitation for windows users is that you do not have anything to run and test the shell script if you are on windows.



3. Linux tools for eclipse
http://www.eclipse.org/linuxtools/

This works pretty well with Shelled, when you are on windows but you want to refer to the man pages in Linux. That was the only use I could find in windows.

4. Remote Systems Explorer
Although using eclipse to access remote file systems through SSH/telnet/RDP sounds crazy but this is very handy while working with shell scripts using the shell script editor shelled. You can readily scp the files to your test machine and execute the scripts right from the eclipse console.



You can find it on the eclipse market place.

http://marketplace.eclipse.org/content/remote-system-explorer-ssh-telnet-ftp-and-dstore-protocols#.VBBalPmSysw

5. JADclipse
The Java decompiler -
http://sourceforge.net/projects/jadclipse/

6. Eclipse color themes
http://eclipsecolorthemes.org/?view=plugin

wombat:


7. Maven eclipse plugin, m2eclipse

https://www.eclipse.org/m2e/

8. StartExplorer: Starts an explorer or a command prompt at the location of the file in eclipse.

http://marketplace.eclipse.org/node/641101#.VBEnufmSyig




9. Browsing databases (Oracle, mysql and postgresql) using Toad Extension:

http://marketplace.eclipse.org/content/toad-extension-eclipse#.VBE68PmSyig