RE: Oracle 9i on Windows 2003 -- Vulnerability Question
- From: "Panosian, Estifan" <EPanosian@xxxxxx>
- To: "Niall Litchfield" <niall.litchfield@xxxxxxxxx>
- Date: Fri, 1 Dec 2006 10:44:47 -0500
Thanks everybody.
Estifan Panosian
-----Original Message-----
From: Niall Litchfield [mailto:niall.litchfield@xxxxxxxxx]
Sent: Friday, December 01, 2006 4:51 AM
To: Panosian, Estifan
Cc: Oracle-L Freelists
Subject: Re: Oracle 9i on Windows 2003 -- Vulnerability Question
On 11/30/06, Panosian, Estifan <EPanosian@xxxxxx> wrote:
> Hello,
>
> I am trying to make our database more secure, one of the scenarios we
> came up is:
> 'what if an internal hacker (somehow) gets to our database server?'
> 1) what kind of damages he/she could cause, and
> 2) what we need to do to protect our databases?
> 3) Could hacker be able to browse data?
>
> Any article in this regard?
>
> OS is Windows 2003, Oracle is 9.2.0.7.
> The hacker has admin rights on the server.
If you mean physically or remotely (for example using some desktop
remoting software such as vnc|remote desktop|citrix) then it will - in
almost all circumstances - be trivial to carry out any malicious
action that you can think of. The physical analogy would be if a
burglar can enter you house and has access to your keys/safe codes etc
what damage could they do?
cheers
--
Niall Litchfield
Oracle DBA
http://www.orawin.info
--
//www.freelists.org/webpage/oracle-l
Other related posts:
