The Database Hackers Handbook by David Litchfield, Chris Anley, John Heasman, Bill Grindlay,
By David Litchfield, Chris Anley, John Heasman, Bill Grindlay,
Databases are the nerve heart of our economic system. each piece of your own details is saved there-medical documents, financial institution money owed, employment historical past, pensions, automobile registrations, even your kid's grades and what groceries you purchase. Database assaults are almost certainly crippling-and relentless.
In this crucial follow-up to The Shellcoder's instruction manual, 4 of the world's most sensible safety specialists educate you to damage into and protect the seven most well liked database servers. you will easy methods to establish vulnerabilities, how assaults are performed, and the way to forestall the carnage. The undesirable men already comprehend all this. you must realize it too.
* establish and plug the hot holes in Oracle and Microsoft(r) SQL Server
* examine the easiest defenses for IBM's DB2(r), PostgreSQL, Sybase ASE, and MySQL(r) servers
* detect how buffer overflow exploitation, privilege escalation via SQL, kept process or set off abuse, and SQL injection permit hacker access
* realize vulnerabilities bizarre to every database
* discover what the attackers already comprehend
Read Online or Download The Database Hackers Handbook PDF
Similar oracle books
За последние 10 лет книга Oracle PL/SQL Programming издательства O'Reilly's стала бестселлером среди книг по PL/SQL, процедурному языку базы данных Oracle. Снабженная примерами и полезными рекомендациями книнга является незаменимой как новичкам, так и гуру, как разработчикам на Oracle varieties, так и администраторам - используйте PL/SQL на полную мощь.
Grasp Oracle Streams 11g Replication permit real-time info entry and knowledge sharing throughout your allotted framework utilizing the professional details during this Oracle Press advisor. Oracle Streams 11g facts Replication explains the best way to manage and administer a unified firm facts sharing infrastructure.
Oracle program exhibit four Recipes presents an example-based method of studying software show - the ground-breaking, quick program improvement platform incorporated with each Oracle Database license. The recipes structure is perfect for the quick-study who simply desires an outstanding instance or to kick begin their pondering and get pointed within the correct course.
- Expert Oracle SQL: Optimization, Deployment, and Statistics
- Oracle E-Business Suite Financials R12: A Functionality Guide
- OCA/OCP: Oracle9i DBA Fundamentals I Study Guide
- By Martin Bach - Expert Oracle Exadata (2nd Edition) (2015-08-14) [Paperback]
Extra resources for The Database Hackers Handbook
Should these applications be considered a part of the database? Is Microsoft’s MSDE a different database than SQL Server? They are certainly used in different ways and have a number of differing components, but they were both subject to the UDP Resolution Service bug that was the basis for the “Slammer” worm. Even if we were able to determine some weighted metric that accounted for age, stability, scrutiny, scope, and severity of published vulnerabilities, we would still be considering only “patchable” issues, rather than the inherent security features provided by the database.
This book is largely composed of a lot of very specific details about the security features and flaws in a number of databases, but you should notice common threads running through the text. We hope that by the end of the book you will have a much better understanding of how to attack the seven databases we address directly here, but also a deeper understanding of how to attack databases in general. With luck, this will translate into databases that are configured, maintained, and audited by people who are far more skilled than the people who attack them.
So, if you are actually concerned about your Oracle security or lack thereof, read on. Examining the Oracle Architecture We begin this chapter by examining the physical layout of the database, such as the Oracle processes and how they interact with the network. We move on to examining authentication and authorization and then move to the logical layout of the database. Oracle Processes and Oracle on the Network This section describes the major components of Oracle and their interaction with the network.