The Database Hacker's Handbook: Defending Database Servers (+code)

Author(s): David Litchfield, Chris Anley et al.
Publisher: Wiley
Date : 2005
Pages : 1
Format : CHM
OCR : Yes
Quality :
Language : English
ISBN-10 : 0764578014
ISBN-13 :
Databases are the nerve center of our economy. Every piece of your personal information is stored there-medical records, bank accounts, employment history, pensions, car registrations, even your children's grades and what groceries you buy. Database attacks are potentially crippling-and relentless.

In this essential follow-up to The Shellcoder's Handbook, four of the world's top security experts teach you to break into and defend the seven most popular database servers. You'll learn how to identify vulnerabilities, how attacks are carried out, and how to stop the carnage. The bad guys already know all this. You need to know it too.
* Identify and plug the new holes in Oracle and Microsoft(r) SQL Server
* Learn the best defenses for IBM's DB2(r), PostgreSQL, Sybase ASE, and MySQL(r) servers
* Discover how buffer overflow exploitation, privilege escalation through SQL, stored procedure or trigger abuse, and SQL injection enable hacker access
* Recognize vulnerabilities peculiar to each database
* Find out what the attackers already know

Go to www.wiley.com/go/dbhackershandbook for code samples, security alerts , and programs available for download.

CONTENTS

Preface
Introduction
Part I - Introduction
Chapter 1 - Why Care About Database Security?
Part II - Oracle
Chapter 2 - The Oracle Architecture
Chapter 3 - Attacking Oracle
Chapter 4 - Oracle: Moving Further into the Network
Chapter 5 - Securing Oracle
Part III - DB2
Chapter 6 - IBM DB2 Universal Database
Chapter 7 - DB2: Discovery, Attack, and Defense
Chapter 8 - Attacking DB2
Chapter 9 - Securing DB2
Part IV - Informix
Chapter 10 - The Informix Architecture
Chapter 11 - Informix: Discovery, Attack, and Defense
Chapter 12 - Securing Informix
Part V - Sybase ASE
Chapter 13 - Sybase Architecture
Chapter 14 - Sybase: Discovery, Attack, and Defense
Chapter 15 - Sybase: Moving Further into the Network
Chapter 16 - Securing Sybase
Part VI - MySQL
Chapter 17 - MySQL Architecture
Chapter 18 - MySQL: Discovery, Attack, and Defense
Chapter 19 - MySQL: Moving Further into the Network
Chapter 20 - Securing MySQL
Part VII - SQL Server
Chapter 21 - Microsoft SQL Server Architecture
Chapter 22 - SQL Server: Exploitation, Attack, and Defense
Chapter 23 - Securing SQL Server
Part VIII - PostgreSQL
Chapter 24 - The PostgreSQL Architecture
Chapter 25 - PostgreSQL: Discovery and Attack
Chapter 26 - Securing PostgreSQL
Part IX - Appendixes
Appendix A - Example C Code for a Time-Delay SQL Injection Harness
Appendix B - Dangerous Extended Stored Procedures
Appendix C - Oracle Default Usernames and Passwords
List of Figures
List of Tables
List of Sidebars
http://rapidshare.com/files/173884591/07
http://rapidshare.com/files/173884683/Da.