Databases Reference
In-Depth Information
3339/tcp open unknown
3372/tcp open msdtc
4443/tcp open unknown
5800/tcp open vnc-http
5900/tcp open vnc
7778/tcp open unknown
8228/tcp open unknown
Nmap run completed -- 1 IP address (1 host up) scanned in 63
seconds
You should perform this scan on your machines. For example, I was actu-
ally surprised I had a Web server running on this particular machine and
managed to find a security vulnerability in the course of writing this example!
3.6
Secure services from known network attacks
In the Chapters 1 and 2 you learned that knowing about vulnerabilities and
applying patches is important and can help you close holes that may exist
within your database environment. This section expands on this topic, spe-
cifically for attacks on the network services that are a part of your database
environment. The networking modules within your database require special
mention because many hacker techniques utilize network attacks. In fact,
this is the main reason that approximately half of the security world is
focused on network security.
Network techniques are common among hackers because the network is
relatively accessible and because many software modules that interface to
the network can be attacked by sending data packets that are malformed,
that exploit a bug, or that use a built-in feature in a way that was not ever
considered.
3.6.1
Anatomy of a vulnerability: SQL Slammer
At approximately 12:30 Eastern time on January 25, 2003, the SQL Slam-
mer worm (also called the Sapphire worm) infected more than 120,000
servers running SQL Server 2000 and brought down many leading corpo-
rations throughout the world. The attack took 10 minutes to spread world-
wide, and the approximate infection rate was a doubling of the number of
infected systems every 8.5 seconds. At its peak—3 minutes after it was
released—SQL Slammer was scanning more than 55 million IP addresses
per second. The attack used database servers, but the effect was much larger
because the worm managed to overwhelm network infrastructures such as
Search WWH ::
Custom Search