SmartSellTM - The New Way to Sell Online

We won't be beaten by anyone. Guaranteed

The Database Hacker's Handbook
By

Rating
New or Used: 2 copies from $141.74
Databases are the nerve center of our economy. Every piece of your personal information is stored there-medical records, bank accounts, employment history, pensions, car registrations, even your children's grades and what groceries you buy. Database attacks are potentially crippling-and relentless. In this essential follow-up to "The Shellcoder's Handbook", four of the world's top security experts teach you to break into and defend the seven most popular database servers. You'll learn how to identify vulnerabilities, how attacks are carried out, and how to stop the carnage. The bad guys already know all this. You need to know it too. This work enables you to: identify and plug the new holes in Oracle and Microsoft[registered] SQL Server; learn the best defenses for IBM's DB2[registered], PostgreSQL, Sybase ASE, and MySQL[registered] servers; discover how buffer overflow exploitation, privilege escalation through SQL, stored procedure or trigger abuse, and SQL injection enable hacker access; recognize vulnerabilities peculiar to each database; and find out what the attackers already know.

Table of Contents

About the Authors.

Preface.Acknowledgments.Introduction.Part I: Introduction.Chapter 1: Why Care About Database Security?Part II: Oracle.Chapter 2: The Oracle Architecture.Chapter 3: Attacking Oracle.Chapter 4: Oracle: Moving Further into the Network.Chapter 5: Securing Oracle.Part III: DB2.Chapter 6: IBM DB2 Universal Database.Chapter 7: DB2: Discovery, Attack, and Defense.Chapter 8: Attacking DB2.Chapter 9: Securing DB2.Part IV: Informix.Chapter 10: The Informix Architecture.Chapter 11: Informix: Discovery, Attack, and Defense.Chapter 12: Securing Informix.Part V: Sybase ASE.Chapter 13: Sybase Architecture.Chapter 14: Sybase: Discovery, Attack, and Defense.Chapter 15: Sybase: Moving Further into the Network.Chapter 16: Securing Sybase.Part VI: MySQL.Chapter 17: MySQL Architecture.Chapter 18: MySQL: Discovery, Attack, and Defense.Chapter 19: MySQL: Moving Further into the Network.Chapter 20: Securing MySQL.Part VII: SQL Server.Chapter 21: Microsoft SQL Server Architecture.Chapter 22: SQL Server: Exploitation, Attack, and Defense.Chapter 23: Securing SQL Server.Part VIII: PostgreSQL.Chapter 24: The PostgreSQL Architecture.Chapter 25: PostgreSQL: Discovery and Attack.Chapter 26: Securing PostgreSQL.Appendix A: Example C Code for a Time--Delay SQL Injection Harness.Appendix B: Dangerous Extended Stored Procedures.Appendix C: Oracle Default Usernames and Passwords.Index.
Product Details

Table of Contents

About the Authors. Preface. Acknowledgments. Introduction. Part I: Introduction. Chapter 1: Why Care About Database Security? Part II: Oracle. Chapter 2: The Oracle Architecture. Chapter 3: Attacking Oracle. Chapter 4: Oracle: Moving Further into the Network. Chapter 5: Securing Oracle. Part III: DB2. Chapter 6: IBM DB2 Universal Database. Chapter 7: DB2: Discovery, Attack, and Defense. Chapter 8: Attacking DB2. Chapter 9: Securing DB2. Part IV: Informix. Chapter 10: The Informix Architecture. Chapter 11: Informix: Discovery, Attack, and Defense. Chapter 12: Securing Informix. Part V: Sybase ASE. Chapter 13: Sybase Architecture. Chapter 14: Sybase: Discovery, Attack, and Defense. Chapter 15: Sybase: Moving Further into the Network. Chapter 16: Securing Sybase. Part VI: MySQL. Chapter 17: MySQL Architecture. Chapter 18: MySQL: Discovery, Attack, and Defense. Chapter 19: MySQL: Moving Further into the Network. Chapter 20: Securing MySQL. Part VII: SQL Server. Chapter 21: Microsoft SQL Server Architecture. Chapter 22: SQL Server: Exploitation, Attack, and Defense. Chapter 23: Securing SQL Server. Part VIII: PostgreSQL. Chapter 24: The PostgreSQL Architecture. Chapter 25: PostgreSQL: Discovery and Attack. Chapter 26: Securing PostgreSQL. Appendix A: Example C Code for a Time-Delay SQL Injection Harness. Appendix B: Dangerous Extended Stored Procedures. Appendix C: Oracle Default Usernames and Passwords. Index.

About the Author

David Litchfield specializes in searching for new threats to database systems and web applications and holds the unofficial world record for finding major security flaws. He has lectured to both British and U.S. government security agencies on database security and is a regular speaker at the Blackhat Security Briefings. He is a co-author of The Shellcoder's Handbook, SQL Server Security, and Special Ops. In his spare time he is the Managing Director of Next Generation Security Software Ltd. Chris Anley is a co-author of The Shellcoder's Handbook, a best-selling book about security vulnerability research. He has published whitepapers and security advisories on a number of database systems, including SQL Server, Sybase, MySQL, DB2, and Oracle. John Heasman is a principal security consultant at NGS Software. He is a prolific security researcher and has published many security advisories relating to high-profile products such as Microsoft Windows, Real Player, Apple Quick-Time, and PostgreSQL. Bill Grindlay is a senior security consultant and software engineer at NGS Software. He has worked on both the generalized vulnerability scanner Typhon III and the NGSSQuirreL family of database security scanners. He is a co-author of the database administrator's guide, SQL Server Security. Next Generation Security Software Ltd is a UK-based company that develops a suite of database server vulnerability assessment tools, the NGSSQuirreL family. Founded in 2001, NGS Software's consulting arm is the largest dedicated security team in Europe. All four authors of this book work for NGS Software.

Look for similar items by category
People also searched for
How Fishpond Works
Fishpond works with suppliers all over the world to bring you a huge selection of products, really great prices, and delivery included on over 25 million products that we sell. We do our best every day to make Fishpond an awesome place for customers to shop and get what they want — all at the best prices online.
Webmasters, Bloggers & Website Owners
You can earn a 5% commission by selling The Database Hacker's Handbook: Defending Database Servers on your website. It's easy to get started - we will give you example code. After you're set-up, your website can earn you money while you work, play or even sleep! You should start right now!
Authors / Publishers
Are you the Author or Publisher of a book? Or the manufacturer of one of the millions of products that we sell. You can improve sales and grow your revenue by submitting additional information on this title. The better the information we have about a product, the more we will sell!
Item ships from and is sold by Fishpond World Ltd.
Back to top