Chapter 15

Databases and Storage Systems

In This Chapter

arrow Testing and exploiting database flaws

arrow Finding storage weaknesses

arrow Ferreting out sensitive information

arrow Countering database and storage abuse

Attacks against databases and storage systems can be very serious because that’s where “the goods” are located, and the bad guys are well aware of that. These attacks can occur across the Internet or on the internal network when external attackers and malicious insiders exploit any number of vulnerabilities. These attacks can also occur via the web application through SQL injection.

Diving into Databases

Database systems, such as Microsoft SQL Server, MySQL, and Oracle, have lurked behind the scenes, but their value and their vulnerabilities have finally come to the forefront. Yes, even the mighty Oracle that was once claimed to be unhackable is susceptible to similar exploits as its competition. With the slew of regulatory requirements governing database security, hardly any business can hide from the risks that lie within because practically every business (large and small) uses some ...

Get Hacking For Dummies, 4th Edition now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.