Thursday, August 23, 2012

Database Vulnerabilities

in this post you will find 10 ways make your database easy to hack ,Special thank for Team Shatter , I post online Article about Database security before and as reminder read it again it . LETS START


1-default-blank-and-weak-username-and-passwords

We All know What we mean by Defaults and weak password (which not complex)

To create a strong password:
  • Don’t use words that can be easily guessed or found in the dictionary
  • Use a combination of letters, numbers and characters
  • Create a complex sentence instead of a word
  • Do not share your password with anyone or write it down and leave it in your desk drawer
2-sql-injections-in-the-database

sql injection : attack vector in the DBMS through Web applications because of a failure to sanitize user inputs.
SQL Injection in the DBMS exploits passing SQL commands as a parameter of a function or stored procedure. This will then execute the malicious SQL commands in the context of the component that provides the called function. This is often done using components with system or admin privileges resulting in privilege escalation.

3-excessive-user-and-group-privileges

avoid extensive user and group privileges:
  • Map Job Functions to Privileges on IT assets
  • Never Assign Privileges Directly to Guest Accounts or Public
  • Untangle The Web of User Entitlements
  • Implement Compensating Controls for What You Can’t Fix

4-Unnecessary Enabled Database Features.



These features provide database application developers with a lot more power when working with a DBMS.  The flipside of the coin is, the more power you give a developer, the more attack vectors you potentially expose to the bad guys.

5-check-your-database-configurations with your company Goal.

6-Buffer Overflows 

A buffer overflow is when the input to a function contains more data than the input buffer can hold. If the size of the input is not checked during the copy to that buffer, adjacent memory that is used for other purposes might get overwritten.

 In most cases, this will be more or less random and can lead to unpredictable behavior, like crashing the server. However, if an attacker is able to also change the code execution pointer to the location of the overwritten memory, it is possible to execute any kind of malicious code using the context of the DBMS process.

 This could lead to a potential total compromise of the system, resulting in loss of sensitive information and overall security.
To protect against these types of attacks, it is important to always keep your DBMS updated with the latest security patches available from the vendor, as well as monitoring for known attack signatures.


 7-Privilege Escalation 

privilege escalation attack is when the attacker is exploiting a known vulnerability in a DBMS that allows a user account with restricted privileges to execute instructions or query data that that typically requires higher privileges. Thus unlocking the locks in the candy store.

There are different common vulnerabilities that allow for privilege escalation. Sometimes misusing a function that runs under a sysdba, sa or similar security context. In other cases it is done by exploiting vulnerabilities that allow a low-privileged account to grant itself more rights.

To protect against these types of attacks, it is important to always keep your DBMS updated with the latest security patches available from the vendor, as well as continuously monitor for known attack signatures.

8-Denial of Service Attack DoS

Think of a washing machine. The more clothes you put in it, the more work it needs to do. If you overfill it with clothes, it gets overwhelmed and stops working.

The same thing happens with a Denial of Service attack. It creates so much traffic on a site, a server or even sections of the internet that it cannot function and shuts down.

The most infamous DoS involving database servers was in 2003 when a computer worm called the SQL Slammer compromised more than 75,000 servers and slowed internet traffic to a halt.

9-Unpatched Databases

 Many organizations don’t implement patches right away – some even wait a year or more. The most common excuses are the downtime involved with implementing patches and the time involved with testing these patches to make sure they don’t affect the production software. Whatever the excuse may be, organizations should use database activity monitoring to manage the gap between patches on its databases containing critical information PII data.

10-Unencrypted sensitive data

Encryption is an important part of housing sensitive data. Network traffic should also be encrypted to ensure that the passwords used to access sensitive, critical data cannot be seen by traffic.

Any information that goes over the network or stored in the database should be encrypted and kept from prying eyes. Some network configurations and database management systems might allow for critical information to be sent in clear text. To ensure this doesn’t occur, make sure you have the latest version of software and turn off text indexing.

Remember to back to my online article .
Thank you

Useful Link :
1-Team Shatter


Osama Mustafa


No comments:

Post a Comment