Fail to establish database connection

I did a backup for my client’s website for both the web files and sql. Now, I am trying to restore it to my cpanel. I have no problem restoring the web files but the sql automatically change the name to xx_databasename. And when I tried to see the website live, it says there is a problem to establish a database connection.

Does anyone know how to solve this issue?

Persistent connection string errors .NET Core

I am migrating a full framework application to .NET Core. Under the full framework, it used the following connection string with the IBM .NET Connector for DB2:

"Server=localhost:50000;Database=testdb;" 

The code then assigned UserID and Password properties from credentials vault.

Now, under Core, with the IBM .NET Core connector for DB2 specifically v.2.0.0.100 (long-term support, according to IBM), this connection string throws an exception when a connection string builder is created from it:

{System.ArgumentNullException: Value cannot be null.    at System.Threading.Monitor.ReliableEnter(Object obj, Boolean& lockTaken)    at IBM.Data.DB2.Core.DB2ConnPool.ReplaceConnStrPwd(String value, String newvalue, Boolean onlyPwd)    at IBM.Data.DB2.Core.DB2Connection.RemoveConnectionStringPassword(String value, Boolean bMask)    at IBM.Data.DB2.Core.DB2ConnectionStringBuilder..ctor(String connectionString) 

There is no InnerException. I presume that some mandatory parameters of the connection string that I am not aware of have to be populated under Core, whereas under full framework they were optional. A careful read of IBM documents on DB2 connector Core yielded no mentions of connection string changes, unless I missed them. This blog post mentioned no such breaking changes.

Is anyone aware of mandatory connection string parameters that are missing from my connection string specifically for .NET Core connector?

MariaDB 10.5.8 refusing my connection over SSH tunnel once I add “skip-name-resolve”

I’ve moved from a 10.3 installation to a 10.5 installation, and ported my various my.cnf settings over.

One of those is skip-name-resolve.

If I leave it in I’m suddenly unable to connect to the database with Navicat. Normally it uses an SSH tunnel and then connets to localhost on port 3306:

1045 Access denied for user 'root'@'127.0.0.1' (using password: YES)

My web app is unaffected, and can still connect to the database happily.

If I take it out, I can connect quite happily. What should I change? I tried changing localhost to 127.0.0.1 but that made no difference.

Thanks

Securing internet connection with hostile ISP

Please excuse the lack of details, you can understand why. I have a friend in a foreign country who is certain that he is a surveillance target of his local government. Other people he knows in his same category have already had their internet connections spied on, and seen contents of their emails leaked. He refuses to use his local ISP because the government runs it, so he uses another means of internet but which is very unreliable.

He really would like to use a landline ISP for it’s stability, but knows he can’t trust it. I thought of setting him up with a serious firewall (like pfSense) with a permanent VPN tunnel to a provider that is based outside of his country.

Given these considerations, would this be a safe solution? Or rather if the ISP is compromised, are all bets off?

Establishing safe connection in Java

In my Java project I’m trying to create a 100% secure method of communication between the method and the client. I used to use this process:

Client: generates 4096-bit RSA keypair Client: sends public to server Client: generates 256-bit AES key Client: encrypts AES key using RSA and send Server: decrypts AES key from RSA Server & Client now communicate using AES only 

But I found out this isn’t safe as it can easily be ruined by a man-in-the-middle attack. I began researching TLS and found out about security certificates. My question is this: if the client generates the RSA keypair, signs it using the certificate, and sends it to the server, what stops a MITM from doing the same thing (assuming the certificate is publicly available, which I assume it would be because the server and the client would both need it).

When I use OpenSSL to generate a certificate it always provides an RSA key alongside it. Isn’t it safer to generate a new keypair for each connection, or do I actually use this particular key? What am I missing about the standard pattern for TLS?

What prevents someone from spoofing their public key when trying to establish an SSH connection?

Recently I’ve been trying to learn the mechanisms behind SSH keys but I came across this question that I haven’t been able to find an answer to (I haven’t figured out how to word my question such that searching it would give me the answer).

Basically, we add our local machine’s public key to the server’s authorized_keys file which allows us to be authenticated automatically when we try to ssh into the server later on. My question is: what if someone takes my public key (it is public after all) and replaces their public key with it? When the "attacker" tries to connect to the server, what part of the process allows the server to know that they do not have the correct private key?

I read somewhere that for RSA, it is possible for a user (let’s say user A) to encrypt/sign a message with their private key, and then for others to decrypt this message using A‘s public key, thus proving that A is really who they claim to be. However, apparently, this is not true for all cryptosystems, where it is not possible to sign with a private key (according to What happens when encrypting with private key?, feel free to correct this information if it is wrong). In those cases, how does the server make sure that the user is really who they claim to be?

“Your connection is not private” for specific website, once when opening a new tab

Like many, since March, I’ve been working from home and using the company’s VPN to do my work.

Recently, if I open a new tab in Chrome, and navigate to "news.bbc.co.uk", I got the aforementioned error, with the supplemental information being:

Attackers might be trying to steal your information from news.bbc.co.uk.x.878874e0029b7043d30ab470050dec81a4e1.9270fd51.id.opendns.com (for example, passwords, messages, or credit cards). Learn more

  • This only happened when I opened a new tab.
  • It did not happen for any other site that I visited, just the BBC.
  • When I opened a new tab, and typed https://news.bbc.co.uk it (correctly) had no issue.
  • After forcing https as above, opening a new tab and just typing news.bbc.co.uk it worked.
  • A few minutes later, just typing news.bbc.co.uk once again causes a Privacy Error.

I was wondering why this is just happening to the BBC site, and no others, and what the redirect URL means (with OpenDNS). When it fails, this is what is in the address bar:

https://news.bbc.co.uk.x.878874e0029b7043d30ab470050dec81a4e1.9270fd51.id.opendns.com/h/news.bbc.co.uk/?X-OpenDNS-Session=_878874e0029b7043d30ab470050dec81a4e19270fd51_eMU5iVa1_

Why http microsoft connection in netstat check?

I checked established connections with "netstat" command in command prompt, and I found that there are some connections with ip’s of microsoft (I checked ip online) that have http (and not https) connection established, they bring to some svchost.exe in a Win32 folder of the system. I know that http connections are not safe, but I guess they are safe since they have microsoft ip, but why these connections are not encrypted (http)? Is it normal?

SSL Connection from phpmyadmin to mysql server [closed]

I am getting these errors after this config, I can’t get phpmyadmin to work with this config, need help. MySQL server is on different machine.

Thanks,

$  cfg['Servers'][$  i]['ssl_cert'] = '/etc/mysql/mysql.pem'; $  cfg['Servers'][$  i]['ssl_key'] = '/etc/mysql/mysqlkey.pem'; $  cfg['Servers'][$  i]['ssl_ca'] = '/usr/local/share/ca-certificates/SERVER/SERVERSSL.pem'; $  cfg['Servers'][$  i]['ssl_ca_path'] = '/usr/local/share/ca-certificates/SERVER'; $  cfg['Servers'][$  i]['ssl_verify'] = 'true'; 

ERRORS