Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Re: Oracle 9i on Windows 2003 -- Vulnerability Question
"Panosian, Estifan" <EPanosian_at_edc.ca> wrote:
> Hello,
> I am trying to make our database more secure, one of the scenarios we came up is: 'what if an internal hacker (somehow) gets to our database server?'
> 1) what kind of damages he/she could cause, and
> 2) what we need to do to protect our databases?
> 3) Could hacker be able to browse data?
> Any article in this regard?
> OS is Windows 2003, Oracle is 9.2.0.7.
> The hacker has admin rights on the server.
The oracle.exe process and thread objects on Windows have not been secured properly and have NULL DACLs - this means that *anyone* (as part of the Everyone special group) that has local access to the server or (remote access and the ability to run code) can exploit this to gain local system/admin privileges. (OpenThread() -> SetThreadContext() -> Set EIP to shellcode)
Regardless of the operating system, though, (unless you're running a well configured CMW/B1 system like Virtual Vault or Pitbull) there's not much you can do to stop a hacker that has root or administrator/local system privileges.
Without even going through the database server an attacker with this level of privilege can go straight after the datafiles.
Encryption of data is the best solution - of course you'll need to ensure that the attacker doesn't have access to the keys, though!
For more information on Oracle and database security see http://www.databasesecurity.com/
Cheers,
David Litchfield
p.s. The NULL DACL problems are not Microsoft's fault before anyone blames them...
--
http://www.freelists.org/webpage/oracle-l

Received on Fri Dec 01 2006 - 02:57:40 CST
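
The NULL DACL condition described in the reply above can be audited by parsing an object's security descriptor and separating a NULL DACL (no access control, everyone gets every right) from an empty DACL (nobody gets access). This is an added example, not part of the original post or of any Oracle or Microsoft code; it assumes the descriptor bytes are in self-relative form (for instance as returned by `GetKernelObjectSecurity`), and the function names and sample descriptors are constructed for illustration.

```python
import struct

SE_DACL_PRESENT = 0x0004    # Control bit: the descriptor carries a DACL field
SE_SELF_RELATIVE = 0x8000   # Control bit: fields are offsets, not pointers
HEADER = "<BBHIIII"         # Revision, Sbz1, Control, Owner, Group, Sacl, Dacl offsets
ACL_HEADER = "<BBHHH"       # AclRevision, Sbz1, AclSize, AceCount, Sbz2

def classify_dacl(sd: bytes) -> str:
    """Return 'NULL', 'EMPTY' or 'ACES_PRESENT' for a self-relative descriptor."""
    if len(sd) < struct.calcsize(HEADER):
        raise ValueError("truncated security descriptor header")
    revision, _, control, _, _, _, dacl_off = struct.unpack_from(HEADER, sd, 0)
    if revision != 1 or not control & SE_SELF_RELATIVE:
        raise ValueError("not a revision 1 self-relative descriptor")
    # No DACL, or a DACL flagged present with a null offset: access is unrestricted.
    if not control & SE_DACL_PRESENT or dacl_off == 0:
        return "NULL"
    if dacl_off + struct.calcsize(ACL_HEADER) > len(sd):
        raise ValueError("DACL offset points outside the descriptor")
    _, _, acl_size, ace_count, _ = struct.unpack_from(ACL_HEADER, sd, dacl_off)
    if acl_size < 8 or dacl_off + acl_size > len(sd):
        raise ValueError("ACL size is inconsistent with the descriptor length")
    # An empty DACL denies everyone; a populated one still needs its ACEs reviewed.
    return "EMPTY" if ace_count == 0 else "ACES_PRESENT"

def build_sd(control: int, dacl: bytes = b"") -> bytes:
    """Constructed sample: 20-byte header plus optional ACL, no owner/group/SACL."""
    off = struct.calcsize(HEADER) if dacl else 0
    return struct.pack(HEADER, 1, 0, control | SE_SELF_RELATIVE, 0, 0, 0, off) + dacl

# Constructed ACCESS_ALLOWED_ACE: type 0, flags 0, size 20, GENERIC_ALL, SID S-1-5-18
SYSTEM_ACE = struct.pack("<BBHI", 0, 0, 20, 0x10000000) + bytes([1, 1, 0, 0, 0, 0, 0, 5]) + struct.pack("<I", 18)

SAMPLES = {  # constructed descriptors, not captured from a real system
    "thread_null_dacl": build_sd(SE_DACL_PRESENT),
    "thread_no_dacl_flag": build_sd(0),
    "thread_empty_dacl": build_sd(SE_DACL_PRESENT, struct.pack(ACL_HEADER, 2, 0, 8, 0, 0)),
    "thread_system_only": build_sd(SE_DACL_PRESENT, struct.pack(ACL_HEADER, 2, 0, 28, 1, 0) + SYSTEM_ACE),
}

def null_dacl_objects(samples: dict) -> list:
    """Names of objects whose descriptor grants unrestricted access."""
    return sorted(name for name, sd in samples.items() if classify_dacl(sd) == "NULL")

if __name__ == "__main__":
    for name, sd in SAMPLES.items():
        print(f"{name}: {classify_dacl(sd)}")
```
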