Book description
Databases are the nerve center of our economy. Every piece of your personal information is stored there: medical records, bank accounts, employment history, pensions, car registrations, even your children's grades and what groceries you buy. Database attacks are potentially crippling, and relentless.
In this essential follow-up to The Shellcoder's Handbook, four of the world's top security experts teach you to break into and defend the seven most popular database servers. You'll learn how to identify vulnerabilities, how attacks are carried out, and how to stop the carnage. The bad guys already know all this. You need to know it too.
* Identify and plug the new holes in Oracle and Microsoft® SQL Server
* Learn the best defenses for IBM's DB2®, PostgreSQL, Sybase ASE, and MySQL® servers
* Discover how buffer overflow exploitation, privilege escalation through SQL, stored procedure or trigger abuse, and SQL injection enable hacker access
* Recognize vulnerabilities peculiar to each database
* Find out what the attackers already know
Go to www.wiley.com/go/dbhackershandbook for code samples, security alerts, and programs available for download.
Table of contents
- Cover Page
- Title Page
- Copyright
- Dedication
- About the Author
- Credits
- Contents
- Preface
- Acknowledgements
- Introduction
- Part I: Introduction
- Part II: Oracle
- Part III: DB2
- Part IV: Informix
  - CHAPTER 10: The Informix Architecture
  - CHAPTER 11: Informix: Discovery, Attack, and Defense
  - CHAPTER 12: Securing Informix
    - Keep the Server Patched
    - Encrypt Network Traffic
    - Revoke the Connect Privilege from Public
    - Enable Auditing
    - Revoke Public Permissions on File Access Routines
    - Revoke Public Execute Permissions on Module Routines
    - Preventing Shared Memory from Being Dumped
    - Preventing Local Attacks on Unix-Based Servers
    - Restrict Language Usage
    - Useful Documents
- Part V: Sybase ASE
- Part VI: MySQL
- Part VII: SQL Server
- Part VIII: PostgreSQL
- APPENDIX A: Example C Code for a Time-Delay SQL Injection Harness
- APPENDIX B: Dangerous Extended Stored Procedures
- APPENDIX C: Oracle Default Usernames and Passwords
- Index
Product information
- Title: The Database Hacker's Handbook: Defending Database Servers
- Author(s):
- Release date: July 2005
- Publisher(s): Wiley
- ISBN: 9780764578014