Re: Oracle 9i on Windows 2003 -- Vulnerability Question

• From: Mario Broodbakker <mbroodbakker@xxxxxxxxx>
• To: EPanosian@xxxxxx
• Date: Thu, 30 Nov 2006 17:44:07 -0800 (PST)

A user with admin rights can give him/herself dba priviliges. And so connect as 
sysdba, and do anything he/she likes, whatever a sysdba can do.

Mario

----- Original Message ----
From: "Panosian, Estifan" <EPanosian@xxxxxx>
To: Oracle-L Freelists <oracle-l@xxxxxxxxxxxxx>
Sent: Thursday, November 30, 2006 3:20:14 PM
Subject: Oracle 9i on Windows 2003 -- Vulnerability Question


Hello,

I am trying to make our database more secure, one of the scenarios we
came up is:
'what if an internal hacker (somehow) gets to our database server?'
1) what kind of damages he/she could cause, and 
2) what we need to do to protect our databases?
3) Could hacker be able to browse data?

Any article in this regard? 

OS is Windows 2003, Oracle is 9.2.0.7. 
The hacker has admin rights on the server.

Regards,
Estifan Panosian
--
//www.freelists.org/webpage/oracle-l
--
//www.freelists.org/webpage/oracle-l

Other related posts:

• » Oracle 9i on Windows 2003 -- Vulnerability Question
• » Re: Oracle 9i on Windows 2003 -- Vulnerability Question
• » Re: Oracle 9i on Windows 2003 -- Vulnerability Question
• » Re: Oracle 9i on Windows 2003 -- Vulnerability Question
• » Re: Oracle 9i on Windows 2003 -- Vulnerability Question
• » RE: Oracle 9i on Windows 2003 -- Vulnerability Question
• » RE: Oracle 9i on Windows 2003 -- Vulnerability Question
• » RE: Oracle 9i on Windows 2003 -- Vulnerability Question
• » Re: Oracle 9i on Windows 2003 -- Vulnerability Question
• » Re: Oracle 9i on Windows 2003 -- Vulnerability Question

1. Home
2. oracle-l
3. Archive
4. 11-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---