Ebook The Database Hacker's Handbook: Defending Database Servers, by David Litchfield, Chris Anley, John Heasman, Bill Grindlay
Understanding the way the best ways to get this book The Database Hacker's Handbook: Defending Database Servers, By David Litchfield, Chris Anley, John Heasman, Bill Grindlay is likewise important. You have been in best website to start getting this info. Obtain the The Database Hacker's Handbook: Defending Database Servers, By David Litchfield, Chris Anley, John Heasman, Bill Grindlay web link that we supply here and also see the link. You could get guide The Database Hacker's Handbook: Defending Database Servers, By David Litchfield, Chris Anley, John Heasman, Bill Grindlay or get it as soon as possible. You can quickly download this The Database Hacker's Handbook: Defending Database Servers, By David Litchfield, Chris Anley, John Heasman, Bill Grindlay after getting deal. So, when you require guide rapidly, you could directly obtain it. It's so easy therefore fats, right? You have to prefer to in this manner.
The Database Hacker's Handbook: Defending Database Servers, by David Litchfield, Chris Anley, John Heasman, Bill Grindlay
Ebook The Database Hacker's Handbook: Defending Database Servers, by David Litchfield, Chris Anley, John Heasman, Bill Grindlay
The Database Hacker's Handbook: Defending Database Servers, By David Litchfield, Chris Anley, John Heasman, Bill Grindlay How an easy suggestion by reading can improve you to be an effective person? Reviewing The Database Hacker's Handbook: Defending Database Servers, By David Litchfield, Chris Anley, John Heasman, Bill Grindlay is a really straightforward task. However, how can many individuals be so careless to read? They will certainly favor to invest their leisure time to chatting or hanging around. When actually, checking out The Database Hacker's Handbook: Defending Database Servers, By David Litchfield, Chris Anley, John Heasman, Bill Grindlay will provide you more probabilities to be successful finished with the hard works.
Getting guides The Database Hacker's Handbook: Defending Database Servers, By David Litchfield, Chris Anley, John Heasman, Bill Grindlay now is not type of difficult means. You can not simply going with book shop or collection or loaning from your buddies to read them. This is a very basic method to specifically get the book by online. This on the internet publication The Database Hacker's Handbook: Defending Database Servers, By David Litchfield, Chris Anley, John Heasman, Bill Grindlay could be among the options to accompany you when having downtime. It will certainly not waste your time. Believe me, guide will reveal you brand-new point to review. Simply invest little time to open this on the internet publication The Database Hacker's Handbook: Defending Database Servers, By David Litchfield, Chris Anley, John Heasman, Bill Grindlay and review them wherever you are now.
Sooner you obtain guide The Database Hacker's Handbook: Defending Database Servers, By David Litchfield, Chris Anley, John Heasman, Bill Grindlay, sooner you could take pleasure in reading the publication. It will be your turn to keep downloading and install guide The Database Hacker's Handbook: Defending Database Servers, By David Litchfield, Chris Anley, John Heasman, Bill Grindlay in supplied link. By doing this, you could truly make a selection that is offered to obtain your personal book online. Right here, be the initial to obtain guide qualified The Database Hacker's Handbook: Defending Database Servers, By David Litchfield, Chris Anley, John Heasman, Bill Grindlay as well as be the very first to understand how the writer suggests the message and also understanding for you.
It will have no uncertainty when you are going to choose this book. This inspiring The Database Hacker's Handbook: Defending Database Servers, By David Litchfield, Chris Anley, John Heasman, Bill Grindlay e-book can be reviewed completely in specific time depending upon how frequently you open up and read them. One to keep in mind is that every publication has their very own manufacturing to obtain by each visitor. So, be the excellent reader and also be a better person after reading this publication The Database Hacker's Handbook: Defending Database Servers, By David Litchfield, Chris Anley, John Heasman, Bill Grindlay
Databases are the nerve center of our economy. Every piece of your personal information is stored there-medical records, bank accounts, employment history, pensions, car registrations, even your children's grades and what groceries you buy. Database attacks are potentially crippling-and relentless.
In this essential follow-up to The Shellcoder's Handbook, four of the world's top security experts teach you to break into and defend the seven most popular database servers. You'll learn how to identify vulnerabilities, how attacks are carried out, and how to stop the carnage. The bad guys already know all this. You need to know it too.
* Identify and plug the new holes in Oracle and Microsoft(r) SQL Server
* Learn the best defenses for IBM's DB2(r), PostgreSQL, Sybase ASE, and MySQL(r) servers
* Discover how buffer overflow exploitation, privilege escalation through SQL, stored procedure or trigger abuse, and SQL injection enable hacker access
* Recognize vulnerabilities peculiar to each database
* Find out what the attackers already know
Go to www.wiley.com/go/dbhackershandbook for code samples, security alerts , and programs available for download.
- Sales Rank: #438254 in Books
- Brand: Brand: Wiley
- Published on: 2005-07-14
- Original language: English
- Number of items: 1
- Dimensions: 9.20" h x 1.20" w x 7.42" l, 1.66 pounds
- Binding: Paperback
- 532 pages
- Used Book in Good Condition
From the Back Cover
Databases are the nerve center of our economy. Every piece of your personal information is stored there—medical records, bank accounts, employment history, pensions, car registrations, even your children's grades and what groceries you buy. Database attacks are potentially crippling—and relentless.
In this essential follow-up to The Shellcoder's Handbook, four of the world's top security experts teach you to break into and defend the seven most popular database servers. You'll learn how to identify vulnerabilities, how attacks are carried out, and how to stop the carnage. The bad guys already know all this. You need to know it too.
- Identify and plug the new holes in Oracle and Microsoft® SQL Server
- Learn the best defenses for IBM's DB2®, PostgreSQL, Sybase ASE, and MySQL® servers
- Discover how buffer overflow exploitation, privilege escalation through SQL, stored procedure or trigger abuse, and SQL injection enable hacker access
- Recognize vulnerabilities peculiar to each database
- Find out what the attackers already know
Go to www.wiley.com/go/dbhackershandbook for code samples, security alerts , and programs available for download.
About the Author
David Litchfield specializes in searching for new threats to database systems and web applications and holds the unofficial world record for finding major security flaws. He has lectured to both British and U.S. government security agencies on database security and is a regular speaker at the Blackhat Security Briefings. He is a co-author of The Shellcoder’s Handbook, SQL Server Security, and Special Ops. In his spare time he is the Managing Director of Next Generation Security Software Ltd.
Chris Anley is a co-author of The Shellcoder’s Handbook, a best-selling book about security vulnerability research. He has published whitepapers and security advisories on a number of database systems, including SQL Server, Sybase, MySQL, DB2, and Oracle.
John Heasman is a principal security consultant at NGS Software. He is a prolific security researcher and has published many security advisories relating to high-profile products such as Microsoft Windows, Real Player, Apple Quick-Time, and PostgreSQL.
Bill Grindlay is a senior security consultant and software engineer at NGS Software. He has worked on both the generalized vulnerability scanner Typhon III and the NGSSQuirreL family of database security scanners. He is a co-author of the database administrator’s guide, SQL Server Security.
Next Generation Security Software Ltd is a UK-based company that develops a suite of database server vulnerability assessment tools, the NGSSQuirreL family. Founded in 2001, NGS Software’s consulting arm is the largest dedicated security team in Europe. All four authors of this book work for NGS Software.
Most helpful customer reviews
8 of 9 people found the following review helpful.
Attacking Database Servers
By Tatjana Injac
This review is only for the Oracle parts of the book.
The most interesting chapter is "Attacking Oracle". These guys give phrase "thinking outside of the box" the real meaning. They look for a feature or bug open to the security attack, then they shake it til it breaks. You will see exploits of AUTHID, PL/SQL injections, app. server, dbms_sql.parse bug,... most of them relevant to 9i and 10g versions.
The hacks are mainly in the sections called "Real-World Examples". Most of the exploits are already patched by Oracle and they are also available on hacking forums, but there were some new ones that were quite a revelation.
The security recommendations in the "Securing Oracle" chapter were too general, you can probably find Internet white papers on hardening Oracle that give more details. But, this book is not really about hardening Oracle, even if it says "Defending Database Servers" with small, blue letters on the front cover. This book is about attacking database servers.
I have seen David Litchfield's previous work and I am sure he knows (and has tried) more than what is written here. Can we expect to see that in "The Hacker's Handbook" part II?
3 of 5 people found the following review helpful.
Incredible! I just hope the good guys read it before the black hats do!
By Quilpole
This book is simply amazing. I would have expected a book with a handful of descriptions of exploits against the various databases, followed by some lame generalizations about blocking the holes.
Instead, this book offers detailed information on the various exploits, and detailed information on how to fix the problems.
If you are a DBA of any of the major databases, you NEED to pick up this book sooner rather than later. Now that this book is "on the streets", it's just a question of time before all hell breaks loose :(
23 of 24 people found the following review helpful.
You Really Need the 70 Pages on Your Database
By John Matlock
Here is a book in which you will probably only be interested in 1/7 of the pages. That means that instead of reading 528 pages you only need to read about 70. But, you may really, really need that 70 pages. The reason for this is that the book covers seven of the most common databases: IBM DB2, Oracle, MySQL, PostGreSQL, SQL Server, SyBase, Informix. These programs are so different that what applies to one does not generally apply to the others.
Each section of the book covers one of the databases. It usually begins with some history of both the database and attacks on it. For instance the Slammer worm compromised more than 75,000 SQL Server databases within ten minutes of its release in January 2003.
After that there is a discussion on the database, its architecture, how it handles things like authentication and so on.
Finally it goes into how to defend the database against attack. This includes information on how to remove unncecessary features and services that might serve as gateways to attacks, and talks about how to use the databases own internal security systems to their maximum effectiveness.
As I said, you really need the 70 or so pages that refer to your own database.
PS - What's the most secure database - PostGreSQL, and it goes into why.
The Database Hacker's Handbook: Defending Database Servers, by David Litchfield, Chris Anley, John Heasman, Bill Grindlay PDF
The Database Hacker's Handbook: Defending Database Servers, by David Litchfield, Chris Anley, John Heasman, Bill Grindlay EPub
The Database Hacker's Handbook: Defending Database Servers, by David Litchfield, Chris Anley, John Heasman, Bill Grindlay Doc
The Database Hacker's Handbook: Defending Database Servers, by David Litchfield, Chris Anley, John Heasman, Bill Grindlay iBooks
The Database Hacker's Handbook: Defending Database Servers, by David Litchfield, Chris Anley, John Heasman, Bill Grindlay rtf
The Database Hacker's Handbook: Defending Database Servers, by David Litchfield, Chris Anley, John Heasman, Bill Grindlay Mobipocket
The Database Hacker's Handbook: Defending Database Servers, by David Litchfield, Chris Anley, John Heasman, Bill Grindlay Kindle
Tidak ada komentar:
Posting Komentar