Database Activity Monitoring:
Intrusion Detection & Security Auditing |  PDF
Information security is based on preserving the CIA (Confidentiality, Integrity, and Availability) of systems. Without upholding these basics tenets, a database will not measure up to the requirements of handling commercial data. Without real-time auditing and monitoring data, CIA is impossible to maintain. While discussions continue about the need to provide some level of auditing and monitoring, there is little information available to help define what is appropriate auditing and monitoring. Subsequently, the aim of this paper is to merge "theoretical best-practices" with "real-world practicality" in order to define a usable policy for database security auditing and monitoring. By following the policies outlined in this paper, you can properly implement a solution that will work well (and will not interfere) with other aspects of the system.
Search Engines Used to Attack Databases | PDF
Database security has recently become the victim of misused search engines. Over the last year or so, Hackers have begun to use search engines to find potentially vulnerable web applications to attack. This white paper illustrates how an attacker can data mine any of the commonly used search engines to find target databases to attack.
Introduction to Database and Application Worms | PDF
A new set of threats have emerged - worms that propagate through
vulnerabilities in databases rather than through more traditional operating
system or web server holes. Despite their lack of sophistication, these
worms have been somewhat successful because of the poor state of database
security. Security in databases has generally been ignored, and the threat
management of these applications has been non-existent.
Protecting Oracle Databases | PDF
As Oracle professionals, it's important to see through the FUD (fear,
uncertainty, and doubt), determine the actual risks, and investigate what
can be done about the situation. The truth is that most Oracle databases
are configured in a way that they can be broken into relatively easily.
This is not to say that Oracle cannot be properly secured - only that the
information to properly lock down these databases has not been made
available, and that the proper lockdown procedures have not been taken.
This white paper will explore some of the key vulnerabilities to be aware of
in "protecting your Oracle database".
New York Oracle Users Group Editor's Choice Award - 2003
Manipulating Microsoft SQL Server Using SQL Injection | PDF
This paper will focus on advanced techniques that can be used in an attack
on an application utilizing Microsoft SQL Server as a backend. These
techniques demonstrate how an attacker could use a SQL Injection
vulnerability to retrieve the database content from behind a firewall and
penetrate the internal network.
Hunting Flaws in Microsoft SQL Server | PDF
This paper illustrates many new Microsoft SQL Server vulnerabilities and how they were found. It explores many of the issues discussed in its counterpart presentation.
DBCC SHOWTABLEAFFINITY Buffer Overrun | PDF
Article written by Martin Rakhmanoff to document the process of finding and
exploiting buffer overrun bugs. Provided sample code is written for
Microsoft SQL Server 2000 Enterprise Edition (English), version 8.00.665
*Service Pack 2 plus patch 667 released 14 August 2002). Please visit
Martin Rakhmanoff's website at: http://jimmers.narod.ru/
Go Back
|
