I am doing InnoDB Cluster Group Replication for the first time. I stuck at the last step Mysql Router. Mysql Router is configured with bootstrapping, But the main issue is MySQL router does not send the write request to the Primary R/W instance after failover. After failover primary become node instance and the Error says The MySQL server is running with the –super-read-only option so it cannot execute this statement
I am following this tutorial https://severalnines.com/database-blog/mysql-innodb-cluster-80-complete-deployment-walk-through-part-one.
Thanks in advance
As suggested by MySQL, we can install MySQL Router service on application server.But how to configure the MySQL Router service when it needs to connect to several MySQL InnoDB Cluster?
For example, we have 2 InnoDB Clusters ClusterA and ClusterB.The applications connecting to the 2 clusters are under same host HostA.How can we configure in the mysql router on HostA, then we can use mysql router to connect 2 clusters.
What checks should I perform to ensure my router is malware free? This is for a home network
I have Lulu setup under osx on my Mac. So say an errant program, curl, if it tries to access outside address is stopped.
Would an external router based firewall bring any extra level of protection? I surmise that it will not be fine-grained enough to stop a particular process.
I believe that outgoing request are more risky than incoming request as I do not have any programming listening for request. e.g. No web server enabled.
What use would external router based firewall bring?
Sometimes I come across articles that write about vulnerable IoT-devices and that there are a lot of routers that are not sufficiently protected.
I own a router myself which has SSH access and I was wondering what possible attack vectors exist because I can’t think of many except forwarding ports by looking up the ARP table and even then you need to know what kind of device is at the other end.
I also don’t understand how malware could for example take over my router and add it to a botnet when it is not possible to execute shell commands, usually you can only execute commands within a (I presume) secured environment and that is limited to a few commands. So they should not be able to upload a binary and execute it.
I’m getting regular attacks
2020-07-29 14:44:42 Security Warning Intrusion -> SRC=184.108.40.206 DST=220.127.116.11 LEN=40 TOS=0x00 PREC=0x00 TTL=235 ID=63607 PROTO=TCP SPT=52363 DPT=1433 WIN
it’s every 10 mins as I can see
I changed wifi password and made it hidden AP and the attacks still coming.
I even disconnected all devices and the logs keep getting this attack
Should I be worried?
2020-07-29 14:54:05 Security Warning Intrusion -> SRC=18.104.22.168 DST=22.214.171.124 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=40337 PROTO=TCP SPT=42068 DPT=3378 WINDO
I’m trying to understand how my router works so I’m analyzing a couple of outputs (I logged in through SSH). I get these lines when trying
netstat -a -e, and I’m not sure where do these addresses come from, or what they are exactly doing.
The xxx.xxx.xxx.xxx is the IP address that my router gets from the ISP router (WAN).
tcp 0 0 xxx.xxx.xxx.xxx:50689 a104-75-170-17.deploy.static.akamaitechnologies.com:www ESTABLISHED tcp 0 0 xxx.xxx.xxx.xxx:50695 a104-75-170-17.deploy.static.akamaitechnologies.com:www ESTABLISHED tcp 0 0 xxx.xxx.xxx.xxx:35877 a104-75-170-56.deploy.static.akamaitechnologies.com:www ESTABLISHED tcp 0 0 xxx.xxx.xxx.xxx:35883 a104-75-170-56.deploy.static.akamaitechnologies.com:www ESTABLISHED tcp 0 0 xxx.xxx.xxx.xxx:35876 a104-75-170-56.deploy.static.akamaitechnologies.com:www ESTABLISHED tcp 0 0 xxx.xxx.xxx.xxx:50688 a104-75-170-17.deploy.static.akamaitechnologies.com:www ESTABLISHED tcp 0 0 xxx.xxx.xxx.xxx:50696 a104-75-170-17.deploy.static.akamaitechnologies.com:www ESTABLISHED tcp 0 0 xxx.xxx.xxx.xxx:50697 a104-75-170-17.deploy.static.akamaitechnologies.com:www ESTABLISHED
I’m interested in methods/solutions for blocking incoming and/or out-going WhatsApp requests and/or traffic on a personal home Google WiFi network.
I also have the Google WiFi app with manager/admin rights.
Man-in-the-Middle is not working with my router (Huawei) on my Windows machine/any device.
But it works with another router on my same Windows machine/any device.
When I doing MITM with Huawei router:
Linux MAC: a0:af:bd:c5:21:87 Router's MAC: 7c-11-cb-1f-ad-85
My Windows ARP table before doing MITM on it:
c:\Users\acer>arp -a Interface: 192.168.1.113 --- 0x4 Internet Address Physical Address Type 192.168.1.1 7c-11-cb-1f-ad-85 dynamic 192.168.1.255 ff-ff-ff-ff-ff-ff static 224.0.0.022 01-00-5e-00-00-16 static
arpspoof script to do MITM:
arpspoof -i wlan0 -t 192.168.1.113 192.168.1.1
arpspoof -i wlan0 -t 192.168.1.1 192.168.1.113
Then the Widows machine ARP table is:
c:\Users\acer>arp -a Interface: 192.168.1.113 --- 0x4 Internet Address Physical Address Type 192.168.1.1 7c-11-cb-1f-ad-85 dynamic 192.168.1.112 a0:af:bd:c5:21:87 dynamic 192.168.1.255 ff-ff-ff-ff-ff-ff static 224.0.0.022 01-00-5e-00-00-16 static
I tried with bettercap, ettercap, my own python script and I done ‘echo 1 > /proc/sys/net/ipv4/ip_forward’ in Linux. It is still not working! Not capturing anything.
The expected ARP table on Windows:
Interface: 192.168.1.113 --- 0x4 Internet Address Physical Address Type 192.168.1.1 a0:af:bd:c5:21:87 dynamic 192.168.1.255 ff-ff-ff-ff-ff-ff static 224.0.0.022 01-00-5e-00-00-16 static
I have an IOT System that works the following way: The IOT bridge makes a TCP Handshake with a server in china with a static ip address 47.255… (bridge sends syn the china server sends syn ack and then bridge ack)
Then the bridge sends MQTT Connect Command to the chinese server (This includes a client id, user name, and a password) The server just sends an accept back.
After that I can use a smartphone app to control the bridge: The smartphone sends a MQTT packet to the china server and the server sends the exact same packet to the bridge (Only the source/destination ips and mac addresses get changed from server to bridge)
I want to remove the chinese server completely from this equation and want to simulate it with my own pc.
So my pc should get every packet that gets send to the chinese ip. The bridge is in wifi so I have to change this in the router.
Are there easy ways to redirect ip addresses with your router? Or is it possible to directly modify the packets with the router and change the ip address of the packet.
The Bridge doesn’t use dns to find the chinese ip address so I can’t use a pihole or similar dns spoofing tools.
And if this works I guess my pc has to spoof it’s source ip address in the packages to the chinese server or the tcp protocol won’t accept the connection with different destinations–>sources.