Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> Re: Oracle 9i on Windows 2003 -- Vulnerability Question

Re: Oracle 9i on Windows 2003 -- Vulnerability Question

From: Niall Litchfield <niall.litchfield_at_gmail.com>
Date: Fri, 1 Dec 2006 09:50:31 +0000
Message-ID: <7765c8970612010150u5c77e816o8ac2a69b1c00e780@mail.gmail.com> 





On 11/30/06, Panosian, Estifan <EPanosian_at_edc.ca> wrote:


> Hello,

>

> I am trying to make our database more secure, one of the scenarios we

> came up is:

> 'what if an internal hacker (somehow) gets to our database server?'

> 1) what kind of damages he/she could cause, and

> 2) what we need to do to protect our databases?

> 3) Could hacker be able to browse data?

>

> Any article in this regard?

>

> OS is Windows 2003, Oracle is 9.2.0.7.

> The hacker has admin rights on the server.




If you mean physically or remotely (for example using some desktop
remoting software such as vnc|remote desktop|citrix) then it will - in
almost all circumstances - be trivial to carry out any malicious
action that you can think of.  The physical analogy would be if a
burglar can enter you house and has access to your keys/safe codes etc
what damage could they do?



cheers


-- 
Niall Litchfield
Oracle DBA
http://www.orawin.info
--
http://www.freelists.org/webpage/oracle-l


Received on Fri Dec 01 2006 - 03:50:31 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US