The Database Hacker's Handbook: Defending Database Servers
| Author | : | |
| Rating | : | 4.44 (892 Votes) |
| Asin | : | 0764578014 |
| Format Type | : | paperback |
| Number of Pages | : | 532 Pages |
| Publish Date | : | 2013-01-03 |
| Language | : | English |
DESCRIPTION:
Tatjana Injac said Attacking Database Servers. This review is only for the Oracle parts of the book.The most interesting chapter is "Attacking Oracle". These guys give phrase "thinking outside of the box" the real meaning. They look for a feature or bug open to the security attack, then they shake it til it breaks. You will see exploits of AUTHID, PL/SQL injections, app. server, dbms_sql.parse bug, most of them relevant to 9i and 10g versions.The hacks are mainly in the sections called "Real-World Example. Incredible! I just hope the good guys read it before the black hats do! This book is simply amazing. I would have expected a book with a handful of descriptions of exploits against the various databases, followed by some lame generalizations about blocking the holes.Instead, this book offers detailed information on the various exploits, and detailed information on how to fix the problems.If you are a DBA of any of the major databases, you NEED to pick up this book sooner rather than later. Now that this book is "on the streets", . John Matlock said You Really Need the 70 Pages on Your Database. Here is a book in which you will probably only be interested in 1/7 of the pages. That means that instead of reading 5"You Really Need the 70 Pages on Your Database" according to John Matlock. Here is a book in which you will probably only be interested in 1/7 of the pages. That means that instead of reading 528 pages you only need to read about 70. But, you may really, really need that 70 pages. The reason for this is that the book covers seven of the most common databases: IBM DB2, Oracle, MySQL, PostGreSQL, SQL Server, SyBase, Informix. These programs are so different that what applies to one does not generally apply to the others.Each section o. 8 pages you only need to read about 70. But, you may really, really need that 70 pages. The reason for this is that the book covers seven of the most common databases: IBM DB"You Really Need the 70 Pages on Your Database" according to John Matlock. Here is a book in which you will probably only be interested in 1/7 of the pages. That means that instead of reading 528 pages you only need to read about 70. But, you may really, really need that 70 pages. The reason for this is that the book covers seven of the most common databases: IBM DB2, Oracle, MySQL, PostGreSQL, SQL Server, SyBase, Informix. These programs are so different that what applies to one does not generally apply to the others.Each section o. , Oracle, MySQL, PostGreSQL, SQL Server, SyBase, Informix. These programs are so different that what applies to one does not generally apply to the others.Each section o
Every piece of your personal information is stored there-medical records, bank accounts, employment history, pensions, car registrations, even your children's grades and what groceries you buy. You need to know it too. In this essential follow-up to The Shellcoder's Handbook, four of the world's top security experts teach you to break into and defend the seven most popular database servers. You'll learn how to identify vulnerabilities, how attacks are carried out, and how to stop the carnage. Database attacks are potentially crippling-and relentless. Databases are the nerve center of our economy. The bad guys already know all this. * Identify and plug the new holes in Oracle and Microsoft(r) SQL Server * Learn the best defenses for IBM's DB2(r), PostgreSQL, Sybase ASE, and MySQL(r) servers * Discover how buffer overflow exploitation, privilege escalation through SQL, stored procedure or trigger abuse, and SQL injection enable hacker access * Recognize vulnerabilities peculiar to each database * Find out what the attackers already know Go to wiley/go/dbhackershandbook for code samples, security alerts , and programs available for download.
You'll learn how to identify vulnerabilities, how attacks are carried out, and how to stop the carnage. Database attacks are potentially crippling—and relentless. The bad guys already know all this. Every piece of your personal information is stored there—medical records, bank accounts, employment history, pensions, car registrations, even your children's grades and what groceries you buy. You need to know it too.Identify and plug the new holes in Oracle and Microsoft® SQL ServerLearn the best defenses for IBM's DB2®, PostgreSQL, Sybase ASE, and MySQL® serversDiscover how buffer overflow exploitation, privilege escalation through SQL, stored procedure or trigger abuse, and SQL injection enable hacker accessRecognize vulnerabilities peculiar to each databaseFind out what the attackers already knowGo to wiley/go/dbhackershandbook for code samples, security alerts , and programs available for download.. From the Back Cover Databases are the nerve c
Chris Anley is a co-author of The Shellcoder’s Handbook, a best-selling book about security vulnerability research. He is a prolific security researcher and has published many security advisories relating to high-profile products such as Microsoft Windows, Real Player, Apple Quick-Time, and PostgreSQL.Bill Grindlay is a senior security consultant and software engineer at NGS Software. All four authors of this book work for NGS Software.. He