The Database Hacker's Handbook: Defending Database Servers
Author:
Rating: 4.17 (679 Votes)
ASIN: 0764578014
Format Type: Paperback
Number of Pages: 532
Publish Date: 2013-10-13
Language: English
DESCRIPTION:
Databases are the nerve center of our economy. Every piece of your personal information is stored there - medical records, bank accounts, employment history, pensions, car registrations, even your children's grades and what groceries you buy. Database attacks are potentially crippling - and relentless.

In this essential follow-up to The Shellcoder's Handbook, four of the world's top security experts teach you to break into and defend the seven most popular database servers. You'll learn how to identify vulnerabilities, how attacks are carried out, and how to stop the carnage. The bad guys already know all this. You need to know it too.

* Identify and plug the new holes in Oracle and Microsoft® SQL Server
* Learn the best defenses for IBM's DB2®, PostgreSQL, Sybase ASE, and MySQL® servers
* Discover how buffer overflow exploitation, privilege escalation through SQL, stored procedure or trigger abuse, and SQL injection enable hacker access
* Recognize vulnerabilities peculiar to each database
* Find out what the attackers already know

Go to wiley/go/dbhackershandbook for code samples, security alerts, and programs available for download.

"Attacking Database Servers" according to Tatjana Injac. This review is only for the Oracle parts of the book. The most interesting chapter is "Attacking Oracle". These guys give phrase "thinking outside of the box" the real meaning. They look for a feature or bug open to the security attack, then they shake it til it breaks. You will see exploits of AUTHID, PL/SQL injectio.

"Incredible! I just hope the good guys read it before the black hats do!" according to Quilpole. This book is simply amazing. I would have expected a book with a handful of descriptions of exploits against the various databases, followed by some lame generalizations about blocking the holes. Instead, this book offers detailed information on the various exploits, and detailed information on how to fix the problems.

"You Really Need the 70 Pages on Your Database" according to John Matlock. Here is a book in which you will probably only be interested in 1/7 of the pages. That means that instead of reading 528 pages you only need to read about 70. But, you may really, really need that 70 pages. The reason for this is that the book covers seven of the most common databases: IBM DB2, Oracle, MySQL, PostGre.
He is a co-author of The Shellcoder’s Handbook, SQL Server Security, and Special Ops. government security agencies on database security and is a regular speaker at the Blackhat Security Briefings. Founded in 2001, NGS Software’s consulting arm is the largest dedicated security team in Europe. David Litchfield specializes in search