Latest topics | » Best video editing software for youtubers19/08/21, 12:24 am by Hacker iam» How to make bootable USB ?12/08/21, 12:33 am by Hacker iam» Meesho RTO Charges big problem for suppliers12/08/21, 12:18 am by Hacker iam» Get 200 Instagram followers daily free28/07/21, 03:13 pm by Hacker iam» onlineshopingshirt.com Fake Company06/03/18, 02:09 pm by Hacker iam» Keygen, crack, serial29/05/15, 08:44 pm by Karl Marx » Hello everyone 18/04/15, 11:05 pm by Hacker iam» Keygen for Moneydance 201523/01/15, 08:32 pm by iota » key gen request for Basic Inventory Control Desktop19/01/15, 01:45 pm by dexterdidi » Keygen request for paralog30/11/14, 12:12 am by MarkV » Microkinetics Turnmaster Pro 201407/10/14, 12:52 pm by Machine_Man » Keygen for Forex Tester 2.902/10/14, 11:59 pm by ocean7 » Make your Internet Download Manager for lifetime24/08/14, 02:22 pm by Hacker iam» Make your Internet Download Manager for lifetime24/08/14, 02:20 pm by Hacker iam» HACK FACEBOOK ID OFFER BY IMRAN10/08/14, 01:41 pm by Hacker iam» Ethical Hacking classes and many more courses08/08/14, 05:13 pm by Hacker iam» Ethical Hacking classes Gonna Start08/08/14, 04:58 pm by Hacker iam» Banned From Group On Facebook19/07/14, 06:52 pm by Hacker iam» Winpass 12 keygen needed18/07/14, 12:04 am by lvilleda » Simfatic Forms 4.011/06/14, 11:45 am by kachi4gud » SA Techietools 02/06/14, 09:04 pm by Hacker iam» immo tool 3.216/05/14, 01:46 pm by adisby » urgent help need. Pls create the keygen for DewanEja Pro 805/05/14, 02:04 am by hamizal » Track my IMEI27/04/14, 06:58 pm by rajesh » Advanced WIFI hacker20/03/14, 05:34 pm by wasam » Can anyone provide keygen for below software ?04/03/14, 10:34 am by akmakm2005 » Flaming Cliffs 3 - Keygen request please17/02/14, 01:28 pm by moejo » CalMAN 5 Keygen 14/02/14, 10:52 am by droid » Clearscada license key request10/02/14, 06:22 pm by mahpayma » Huawei unlocker04/01/14, 06:54 pm by dennis1990 |
| Learn hacking & cracking | Author | Message |
---|
Hacker iam Admin
Posts : 276 Points : 2666 Reputation : 3 Join date : 2010-11-26 Age : 32 Location : Lucknow
| Subject: Top 10 database attacks 30/05/11, 08:33 pm | |
| Enterprise database infrastructures, which often contain the crown jewels of an organization, are subject to a wide range of attacks. Amichai Schulman, CTO, Imperva, lists the most critical of these, followed by recommendations for mitigating the risk of each. 1. Excessive privileges When users (or applications) are granted database privileges that exceed the requirements of their job function, these privileges may be used to gain access to confidential information. For example, a university administrator whose job requires read-only access to student records may take advantage of excessive update privileges to change grades. The solution to this problem (besides good hiring policies) is query-level access control. Query-level access control restricts privileges to minimum-required operations and data. Most native database security platforms offer some of these capabilities (triggers, RLS, and so on), but the manual design of these tools make them impractical in all but the most limited deployments. 2. Privilege abuse Users may abuse legitimate data access privileges for unauthorized purposes. For example, a user with privileges to view individual patient records via a custom healthcare application client may abuse that privilege to retrieve all patient records via a MS-Excel client.The solution is access control policies that apply not only to what data is accessible, but how data is accessed. By enforcing policies for time of day, location, and application client and volume of data retrieved, it is possible to identify users who are abusing access privileges. 3. Unauthorized privilege elevation Attackers may take advantage of vulnerabilities in database management software to convert low-level access privileges to high-level access privileges. For example, an attacker might take advantage of a database buffer overflow vulnerability to gain administrative privileges. Privilege elevation exploits can be defeated with a combination of query-level access control and traditional intrusion prevention systems (IPS). Query-level access control can detect a user who suddenly uses an unusual SQL operation, while an IPS can identify a specific documented threat within the operation. 4. Platform vulnerabilities Vulnerabilities in underlying operating systems may lead to unauthorized data access and corruption. For example, the Blaster worm took advantage of a Windows 2000 vulnerability to take down target servers. IPS tools are a good way to identify and/or block attacks designed to exploit known database platform vulnerabilities. 5. SQL injection SQL injection attacks involve a user who takes advantage of vulnerabilities in front-end web applications and stored procedures to send unauthorized database queries, often with elevated privileges. Using SQL injection, attackers could even gain unrestricted access to an entire database. Query-level access control detects unauthorized queries injected via web applications and/or stored procedures. 6. Weak audit Weak audit policy and technology represent risks in terms of compliance, deterrence, detection, forensics and recovery. Unfortunately, native database management system (DBMS) audit capabilities result in unacceptable performance degradation and are vulnerable to privilege-related attacks -- i.e. developers or database administrators (DBAs) can turn off auditing. Most DBMS audit solutions also lack necessary granularity. For example, DBMS products rarely log what application was used to access the database, the source IP addresses and failed queries. Network-based audit appliances are a good solution. Such appliances should have no impact on database performance, operate independently of all users and offer granular data collection. 7. Denial of service Denial of service (DoS) may be invoked through many techniques. Common DoS techniques include buffer overflows, data corruption, network flooding and resource consumption. The latter is unique to the database environment and frequently overlooked. DoS prevention should occur at multiple layers including the network, applications and databases. Database-related recommendations include deploying an IPS and connection rate controls. By rapidly opening a large number of connections, connection rate controls can prevent individual users from consuming database server resources. 8. Database protocol vulnerabilities Vulnerabilities in database protocols may allow unauthorized data access, corruption or availability. For example, the SQL Slammer worm took advantage of a Microsoft SQL Server protocol vulnerability to execute attack code on target database servers. Protocol attacks can be defeated by parsing and validating SQL communications to make sure they are not malformed. 9. Weak authentication Weak authentication schemes allow attackers to assume the identity of legitimate database users. Specific attack strategies include brute force attacks, social engineering, and so on. Implementation of passwords or two-factor authentication is a must. For scalability and ease-of-use, authentication mechanisms should be integrated with enterprise directory/user management infrastructures. 10. Exposure of backup data Some recent high profile attacks have involved theft of database backup tapes and hard disks. All backups should be encrypted. In fact, some vendors have suggested that future DBMS products may not support the creation of unencrypted backups. Encryption of online production database information is a poor substitute for granular privilege controls. |
| | | |
Page 1 of 1 | |
| Permissions in this forum: | You cannot reply to topics in this forum
| |
| |
| Who is online? | In total there is 1 user online :: 0 Registered, 0 Hidden and 1 Guest None Most users ever online was 56 on 07/07/12, 12:36 am |
Social bookmarking |
Bookmark and share the address of Hell of Hackerz on your social bookmarking website |
|
|