Databases Reference
In-Depth Information
9
Trojans
A
is an unauthorized program contained within a legitimate pro-
gram, a legitimate program that has been modified by placement of unau-
thorized code within it, or a program that seems to do one thing but
actually does several additional operations without your knowledge or
agreement. The word comes from the mythical story of Troy in which the
Greeks gave their enemy a huge wooden horse as a gift during the war.
Inside the horse were Greek soldiers who stormed out of the horse during
the night and conquered the city.
Trojans (or Trojan horses) are one of the main forms of attacks that have
gained fame on the desktop (or rather have become infamous)—together
with worms, viruses, and other malicious programs. Because the definition
of a Trojan is primarily based on the form that the attack takes and the way
that it manifests, Trojans exist as an attack pattern in any realm. For the
most part, we have been used to Trojans that manifest on the Windows
operating system. Appendix 9.A gives you an overview of Windows Trojans.
Beyond being generally related and of interest, this appendix can help you
understand some of the techniques and approaches that an attacker may use
regardless of the platform in which the Trojan is placed. The rest of the
chapter is devoted to database Trojans (i.e., unauthorized code that is placed
into procedural elements within the database).
Throughout the chapter I use qualifiers such as “attack” and “malicious”
to describe Trojans, but in fact many Trojans are a result of mistakes and bad
configuration control. A developer can mistakenly inject a bug or even just
generate a lot of debugging logs, which wreaks havoc on a production server.
This is sometimes the result of a mistake, such as confusing the production
server with the development server or an oversight on the developer's part and
lax control allowing developers to experiment on the production database. I
will not distinguish between malicious and erroneous/carelessness scenarios
because in both cases the same techniques apply.
Trojan
Search WWH ::
Custom Search