Summary

This chapter gave an overview of database vulnerabilities and the methods of detecting and securing against potential attackers. Although clumsy attempts to brute-force a password are detectable by careful auditing, more subtle attacks such as SQL injection can be virtually impossible to pick up.

In a database environment, prevention is undoubtedly easier than detection, and this chapter covered some methods of securing a database server, with particular focus on SQL Server. One of the biggest pitfalls is the installation of a database server with a default configuration. It is critical that user and service accounts are configured securely, with only the minimum access necessary to function. Keeping up to date with patches and service packs is also essential to protect against new exploits.


    Penetration Testing and Network Defense
    ISBN: 1587052083
    EAN: 2147483647
    Year: 2005
    Pages: 209
