Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> RE: Oracle 9i on Windows 2003 -- Vulnerability Question

RE: Oracle 9i on Windows 2003 -- Vulnerability Question

From: Panosian, Estifan <EPanosian_at_edc.ca>
Date: Fri, 1 Dec 2006 10:44:47 -0500
Message-ID: <FA7E8D9972B6974F9F1088DE4C4FB59D06DECF41@EXCHMAIL5.edc.ca> 





Thanks everybody.


Estifan Panosian



-----Original Message-----


From: Niall Litchfield [mailto:niall.litchfield_at_gmail.com] 
Sent: Friday, December 01, 2006 4:51 AM


To: Panosian, Estifan


Cc: Oracle-L Freelists


Subject: Re: Oracle 9i on Windows 2003 -- Vulnerability Question



On 11/30/06, Panosian, Estifan <EPanosian_at_edc.ca> wrote:


> Hello,

>

> I am trying to make our database more secure, one of the scenarios we

> came up is:

> 'what if an internal hacker (somehow) gets to our database server?'

> 1) what kind of damages he/she could cause, and

> 2) what we need to do to protect our databases?

> 3) Could hacker be able to browse data?

>

> Any article in this regard?

>

> OS is Windows 2003, Oracle is 9.2.0.7.

> The hacker has admin rights on the server.




If you mean physically or remotely (for example using some desktop
remoting software such as vnc|remote desktop|citrix) then it will - in
almost all circumstances - be trivial to carry out any malicious
action that you can think of.  The physical analogy would be if a
burglar can enter you house and has access to your keys/safe codes etc
what damage could they do?



cheers


-- 
Niall Litchfield
Oracle DBA
http://www.orawin.info
--
http://www.freelists.org/webpage/oracle-l


Received on Fri Dec 01 2006 - 09:44:47 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US