 |
|
Oracle Tips by Burleson |
Web Stalkers
Chapter 5 -
All About Cybercrime
Outside-In Hacker Attacks
No Password Disabling – Hacker routines love systems that
do not disable a user ID after repeated password attempts. On these
systems, they run bots to try hundreds of thousands of passwords
until they gain entry.
Man-in-the Middle Attacks – Hackers can
gain access to computer systems by guessing the IP address of a
connected user and sending a TCP/IP packet with that user’s IP
information.
Trojan Horse Access – Once a hacker gets
a user’s IP address, they can map-out phony sign-on screens to their
boss and get a privileged password. These attacks are usually easy
to use tools such as ASP and Active-X that allows HTML pages to be
redirected to the user’s IP address.
Buffer Overflow Attacks – In these
attacks, the web cache buffer is deliberately overloaded to gain
unauthorized entry to the system.
Injection Threats – Many database
systems have vulnerabilities in which access to confidential data
can be gained via a SQL injection, a technique where a “1=1” string
is added to a sign-on string. For example, this query might return
the real password for a user named Jane:
select
userid, password
from
dba_users
SEE
CODE DEPOT FOR FULL SCRIPT
OR 1=1;”
|
Download your Oracle scripts now:
www.oracle-script.com
The
definitive Oracle Script collection for every Oracle professional DBA
|
|
