IT Bookworm Blog


June 12, 2013  3:22 PM

Book excerpt: MySQL (5th Edition)



Posted by: Michael Tidmarsh
Book excerpt, MySQL

This chapter is from the new 5th Ed. of “MySQL”, authored by Paul DuBois, published by Pearson/Addison-Wesley Professional, April 2013, ISBN 0321833872, Copyright 2013 Pearson Education, Inc. For more info please visit the publisher site: http://www.informit.com/store/mysql-9780321833877

Using SQL to Manage Data

The MySQL server understands Structured Query Language (SQL). Therefore, SQL is the means by which you tell the server how to perform data management operations, and fluency with it is necessary for effective communication. When you use a program such as the mysql client, it functions primarily as a way for you to send SQL statements to the server to be executed. If you write programs in a language that has a MySQL interface, such as the Perl DBI module or PHP PDO extension, these interfaces enable you to communicate with the server by issuing SQL statements.

Chapter 1, “Getting Started with MySQL,” presented a tutorial introducing many of MySQL’s capabilities, including some basic use of SQL. We’ll build on that material here to go into more detail on several topics:

  • Changing the SQL mode to affect server behavior
  • Referring to elements of databases
  • Using multiple character sets
  • Creating and destroying databases, tables, and indexes
  • Obtaining information about databases and their contents
  • Retrieving data using joins, subqueries, and unions
  • Using multiple-table deletes and updates
  • Performing transactions that enable statements to be grouped or canceled
  • Setting up foreign key relationships
  • Using the FULLTEXT search engine

The items just listed cover a broad range of topics of what you can do with SQL. Other chapters provide additional SQL-related information:

  • Chapter 4, “Views and Stored Programs,” discusses how to create and use views (virtual tables that provide alternative ways of looking at data) and stored programs (functions and procedures, triggers, and events).
  • Chapter 12, “General MySQL Administration,” describes how to use administrative statements such as GRANT and REVOKE to manage user accounts. It also discusses the privilege system that controls what operations accounts are permitted to perform.

  • Appendix E, “SQL Syntax Reference,” shows the syntax for SQL statements implemented by MySQL and the privileges required to use them. It also covers the syntax for using comments in your SQL statements.

See also the MySQL Reference Manual, especially for changes made in recent versions of MySQL.

Continued »

May 14, 2013  6:48 PM

Book excerpt: Hacking for Dummies (part 2)



Posted by: Michael Tidmarsh
Book excerpt, Security

“This chapter is an excerpt from the 4th edition of ‘Hacking For Dummies’ by Kevin Beaver, published by John Wiley & Sons, January 2013, ISBN 978-1118380932. For more info please visit http://www.dummies.com/store/product/Hacking-For-Dummies-4th-Edition.productCd-1118380932.html

Chapter 1: Introduction to Ethical Hacking

This book is about hacking ethically — the methodology of testing your computers and networks for security vulnerabilities and plugging the holes you find before the bad guys get a chance to exploit them.

Although ethical is an often overused and misunderstood word, Webster’s New World Dictionary defines ethical perfectly for the context of this book and the professional security testing techniques that I cover — that is, “conforming to the standards of conduct of a given profession or group.” IT and information security practitioners are obligated to perform the tests covered in this book aboveboard and only after permission has been obtained by the owner(s) of the systems. That’s why, in this book’s Introduction, you find a disclaimer. Use your power of choice wisely.

Continued »


March 26, 2013  2:12 PM

Book excerpt: Hacking for Dummies



Posted by: Michael Tidmarsh
Book excerpt, Security

“This chapter is an excerpt from the 4th edition of ‘Hacking For Dummies’ by Kevin Beaver, published by John Wiley & Sons, January 2013, ISBN 978-1118380932. For more info please visit http://www.dummies.com/store/product/Hacking-For-Dummies-4th-Edition.productCd-1118380932.html

Chapter 7: Passwords

Password hacking is one of the easiest and most common ways attackers obtain unauthorized network, computer, or application access. You often hear about it in the headlines, and study after study such as the Verizon Data Breach Investigations Report reaffirms that weak passwords are at the root of many security problems. I have trouble wrapping my head around the fact that I’m still talking about (and suffering from) weak passwords, but it’s a reality — and, as an information security testing professional, you can certainly do your part to minimize the risks.

Although strong passwords — ideally, longer and stronger passphrases that are difficult to crack (or guess) — are easy to create and maintain, network administrators and users often neglect this. Therefore, passwords are one of the weakest links in the information security chain. Passwords rely on secrecy. After a password is compromised, its original owner isn’t the only person who can access the system with it. That’s when accountability goes out the window and bad things start happening.

External attackers and malicious insiders have many ways to obtain passwords. They can glean passwords simply by asking for them or by looking over the shoulders of users (shoulder surfing) while they type their passwords. Hackers can also obtain passwords from local computers by using password-cracking software. To obtain passwords from across a network, attackers can use remote cracking utilities, keyloggers, or network analyzers.

This chapter demonstrates how easily the bad guys can gather password information from your network and computer systems. I outline common password vulnerabilities and describe countermeasures to help prevent these vulnerabilities from being exploited on your systems. If you perform the tests and implement the countermeasures outlined in this chapter, you’ll be well on your way to securing your systems’ passwords. Continued »


March 5, 2013  7:26 PM

Book excerpt: Database Administration



Posted by: Michael Tidmarsh
Book excerpt, Database, Database administration

“This chapter is an excerpt from the 2nd Ed. of ‘Database Administration: The Complete Guide to DBA Practices and Procedures’ by Craig Mullins, published by Pearson/Addison-Wesley Professional, Oct. 2012, ISBN 9780321822949 Copyright 2013 Craig S. Mullins. For more info please visit: http://www.informit.com/store/database-administration-the-complete-guide-to-dba-practices-9780321822949

Creating the Database Environment

One of the primary tasks associated with the job of DBA is the process of choosing and installing a DBMS. Unfortunately, many business executives and IT professionals without database management background assume that once the DBMS is installed, the bulk of the work is done. The truth is, choosing and installing the DBMS is hardly the most difficult part of a DBA’s job. Establishing a usable database environment requires a great deal of skill, knowledge, and consideration. This chapter will outline the principles involved in establishing a usable database environment.

Defining the Organization’s DBMS Strategy

The process of choosing a suitable DBMS for enterprise database management is not as difficult as it used to be. The number of major DBMS vendors has dwindled due to industry consolidation and domination of the sector by a few very large players.

Continued »


February 11, 2013  5:27 PM

Book excerpt: DevOps Troubleshooting



Posted by: Michael Tidmarsh
Book excerpt, DevOps, Linux

This excerpt is from the book, ‘DevOps Troubleshooting: Linux Server Best Practices’, authored by Kyle Rankin, published by Pearson/Addison-Wesley Professional, Nov 2012, ISBN 0321832043, Copyright 2013 Pearson Education, Inc. For more info please visit: http://www.informit.com/title/0321832043

Want the whole thing? We’re giving away a free copy.

Is the Server Down? Tracking Down the Source of Network Problems

Most servers are attached to some sort of network and generally use the network to provide some sort of service. Many different problems can creep up on a network, so network troubleshooting skills become crucial for anyone responsible for servers or services on those servers. Linux provides a large set of network troubleshooting tools, and this chapter discusses a few common network problems along with how to use some of the tools available for Linux to track down the root cause.

Network troubleshooting skills are invaluable for every member of a DevOps team. It’s almost a given that software will communicate over the network in some way, and in many applications, network connectivity is absolutely vital for the software to function. When there is a problem with the network, everyone from the sysadmin, to the QA team, to the entire development staff will probably take notice. Whether your networking department is a separate group or not, when your entire DevOps team works together on diagnosing networking problems, you will get a better overall view of the problem. Your development team will give you the deep knowledge of how your software operates on the network; your QA team will explain how the application behaves under unusual circumstances and provide you with a backlog of networking bug history; and your sysadmin will provide you with an overall perspective of how networked applications work under Linux. Together you will be able to diagnose networking problems much faster than any team can individually.

Continued »


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: