oracle database threats - laouc webinar

Osama Mustafa Senior Oracle DBA Gurus Solutions Top 10 Oracle Database Threats

Upload: osama-mustafa

Post on 13-May-2015


DESCRIPTION

LAOUC Webinar: Top 10 Oracle Database Threats, How to Secure Oracle Database

TRANSCRIPT


Osama Mustafa
Senior Oracle DBA
Gurus Solutions

Top 10 Oracle Database Threats

Overview

• Introduction
• Why database security is important
• How databases are hacked
• How to protect against database attack
• Conclusion
• Reference
• Q & A

Who Am I

• Certified OCP/OCE/OCS 10g/11g
• Oracle ACE
• Certified Ethical Hacker, LPT
• Sun Linux Certified
• Author of Oracle Penetration Testing book
• Presenter & contributor in the Oracle community

OsamaOracle

osamamustafagurussolutionscom

http://osamamustafa.blogspot.com

Osama Mustafa

GoogIe Search

Without Oracle With Oracle

Introduction

• 10 January 2014: Target data theft affected 70 million customers
• Data theft is becoming a major threat
• Data theft is a bank of gold
• 90% of companies say they've been hacked
• Most of the target data is personal stuff, such as credit card account numbers and passwords

Revising the Top 10 Data Loss Incidents list

Introduction

"Your Personal Data is Worth a Pretty Penny, But it All Depends On Who Wants it" (TrendMicro)

Average for personal data: between 0$-1200$

If you want to know how much your personal data is worth, check this website: http://www.ft.com/cms/s/2/927ca86e-d29b-11e2-88ed-00144feab7de.html#axzz2ukFAZIUF

Introduction

SURPRISE

• A 2012 report from Verizon indicates that 96% of records breached are from databases
• Less than 5% of security spend is on the data center (WW Security Products)

Introduction

[Chart: 5% vs. 95%, labelled Data Center]

Why Database Security Is Important

• The database is the most important data bank:
  • Financial data
  • Client/customer data
  • Corporate/organization data
• If the database stops working, the company will lose money
• If the database gets hacked, imagine what happens to the company
• Ensure the data is confidential and prevent any outside modification
• A secure database provides an additional benefit: data management becomes more efficient and effective
• Access to the database should be restricted to authorized people only, unless it is a public database
• A secure database lets you monitor activity and know who the authorized people are

Why Database Security Is Important

Laws about Security

• SOX: Sarbanes Oxley
  • "protect investors by improving reliability of corporate"
• PCI: Payment Card Industry
  • Related to credit card companies such as Visa and MasterCard
• GLBA: Gramm Leach Bliley Act
  • Companies that offer consumers financial products or services like loans
• DATA: Data Accountability and Trust Act
  • Security policies and procedures to protect data containing personal information

How Database are Hacked

How Database are Hacked

• As a database administrator you need to know the threats that can affect your database
• Threat: in the context of computer security, anything that has the potential to cause serious harm to a computer system. A threat is something that may or may not happen, but has the potential to cause serious damage. Threats can lead to attacks on computer systems, networks and more.
• Vulnerability: existence of a weakness, design or implementation error that can lead to an unexpected and undesirable event compromising the security of the system

Elements Of Security

• Confidentiality
  • The concealment of information or resources
• Authenticity
  • The identification and assurance of the origin of information
• Integrity
  • The trustworthiness of data or resources in terms of preventing improper and unauthorized changes
• Availability
  • The ability to use the desired information or resource

Triangle of Security

Decide Before Moving The Ball

What The Hacker Do

• Gather information
  • Active: directly, such as social engineering
  • Passive: Google search, social media
• Scanning
  • Use some tools to scan for vulnerabilities of the system
• Gaining access
  • Penetration phase: continue attacking to explore deeper into the target network
• Maintaining access
  • Downloading phase
• Clearing tracks

"The more the hacker learns about your internal operations, the more likely he will intrude and exploit. So be secure."

Attack Oracle-Database Server

• Database servers are usually hacked to get critical information
• Mistakes made by the web designers can reveal the databases of the server to the hacker
• Finding an Oracle database server on the network is done using a TCP port scan
• Once an Oracle database server has been discovered, the first port of call is the TNS Listener

Top Threats Effect on Database Server

• Unused privileges
  • When users are granted database access privileges that exceed the requirements of their job, these privileges can lead to a major issue if the user knows what he is doing

  REVOKE CREATE DATABASE LINK FROM connect;
  REVOKE EXECUTE ON utl_tcp FROM public;
  REVOKE EXECUTE ON utl_smtp FROM public;
  REVOKE EXECUTE ON utl_http FROM public;
  REVOKE EXECUTE ON utl_mail FROM public;
  REVOKE EXECUTE ON utl_inaddr FROM public;
  REVOKE EXECUTE ON utl_file FROM public;
  REVOKE EXECUTE ON dbms_java FROM public;

Top Threats Effect on Database Server

• http://support.oracle.com
• Review database user privileges
  • Note 1020286.6 - Script to Create View to Show All User Privs
  • Note 1050267.6 - SCRIPT: Script to show table privileges for users and roles
  • Note 1020176.6 - SCRIPT: Script to Generate object privilege GRANTS
• Revoke privileges from PUBLIC where not necessary
  • Note 247093.1 - Be Cautious When Revoking Privileges Granted to PUBLIC
  • Note 234551.1 - PUBLIC: Is it a User, a Role, a User Group, a Privilege?
  • Note 390225.1 - Execute Privileges Are Reset For Public After Applying Patchset

• Weak authentication
  • Most common default passwords for the database:

  Username   Password
  Sys        Manager
  Sys        System
  Sys        Oracle
  System     Same as sys
  Apps       Apps (EBS user)
  scott      tiger

Top Threats Effect on Database Server

Oracle Default Password List by Pete Finnigan: http://www.petefinnigan.com/default/default_password_list.htm

Voyager Beta worm

• On 20 December 2005 an anonymous poster (kwbbwifindnotcom) posted a variant of the Oracle Voyager worm
• Read more about this worm:
  • http://www.red-database-security.com/advisory/oracle_worm_voyager.html
• It attacks Oracle servers using default accounts and passwords
• It attempts a TCP connection to TCP port 1521, where the Oracle connection service listens
• If that succeeds, it tries a series of usernames and passwords:
  • system/manager, sys/change_on_install, dbsnmp/dbsnmp, scott/tiger
• If authentication succeeds, it creates a table to transfer the payload

• Denial of service (DoS)
  • Common DoS techniques include buffer overflows, data corruption, network flooding and resource consumption
  • It is an attack through which a person can render a system unusable, or significantly slow it down for legitimate users, by overloading its resources
• Attackers may:
  • Attempt to flood a network, thereby preventing legitimate network traffic
  • Attempt to disrupt connections between two machines, thereby preventing access to a service
  • Attempt to prevent a particular individual from accessing a service
  • Attempt to disrupt service to a specific system or person

Top Threats Effect on Database Server

• The impact
  • Disabled network
  • Disabled organization
  • Financial loss
  • Loss of goodwill
• DoS attack classification
  • Smurf - generates a large amount of ICMP echo (ping)
  • Buffer overflow attack - the program writes more information into the buffer
  • Ping of death - sends IP packets larger than 65536 bytes
  • Teardrop - IP requires that packet that is too large for next router
  • SYN attack - sends bogus TCP SYN requests to a victim server

Top Threats Effect on Database Server

• Examples of DoS attack tools
  • Jolt2
  • Bubonic.c
  • Land and LaTierra
  • Targa
  • Blast20
  • Nemesy
  • Panther2
  • Crazy Pinger
  • Some Trouble
  • UDP Flood
  • FSMax

Top Threats Effect on Database Server

Top Threats Effect on Database Server

• SQL injection
  • A type of security exploit in which the attacker injects Structured Query Language (SQL) code through a web form input box to gain access to resources or make changes to data
  • Programmers use sequential commands with user inputs, making it easier for attackers to inject commands
  • The attacker can run SQL commands through the web application
  • For example, when a user logs onto a web page by using a user name and password for validation, a SQL query is used
  • What do I need? Any web browser
• What should I look for in SQL injection?
  • HTML method
    • POST: you cannot see any parameters in the browser
    • GET
  • Check the HTML source code:
    <Form action=search.asp method=post> <input type=hidden name=X value=Z> </Form>
• Examples
  • http://www.mywebsite.com/index.asp?id=10

Top Threats Effect on Database Server

Top Threats Effect on Database Server

If you get this error then the website is vulnerable to an SQL injection attack

Top Threats Effect on Database Server

• But wait, how can I test for SQL injection?
  • Different ways, different tools
  • The easy way is to use a single quote in the input
• Examples
  • blah' or 1=1--
  • Login: blah' or 1=1--
  • Password: blah' or 1=1--

http://www.mywebsite.com/index.asp?id=10

will be like this: http://www.mywebsite.com/index.asp?id=blah' or 1=1--

• More examples of single quote usage in SQL injection
  • ' or 1=1--
  • " or 1=1--
  • ' or 'a'='a
  • " or "a"="a
  • ') or ('a'='a)

• The hacker breaks into the system by injecting malformed SQL into the query, because the executed query is formed by the concatenation of a fixed string and values entered by the user:

  string strQry = "SELECT Count(*) FROM Users WHERE UserName='" + txtUser.Text + "' AND Password='" + txtPassword.Text + "'";

Top Threats Effect on Database Server

Top Threats Effect on Database Server

• If the user enters a valid username and password, the query strQry becomes:

  SELECT Count(*) FROM Users WHERE UserName='Paul' AND Password='password'

• But the hacker will not leave weak code alone, and he will enter:

  ' Or 1=1 --

• The new query will be:

  SELECT Count(*) FROM Users WHERE UserName='' Or 1=1 --' AND Password=''

• The -- starts a SQL comment, so the password check is never evaluated. 1=1 is always true for every row in the table, so assuming there is at least one row in the table, this SQL always returns a nonzero count of records

Top Threats Effect on Database Server

• Weak Audit Trail

"In God I trust. For everyone else I keep log files."

Performance impacts

Determine what is important to be audited

Top Threats Effect on Database Server

Limited Resource

Which Mechanism Of Audit Trail I should Use

No End-To-End Auditing

Top Threats Effect on Database Server

Application

Top Threats Effect on Database Server

• Whether database auditing is enabled or disabled, Oracle will always audit certain database actions into the OS audit trail. There is no way to change this behavior, because it is a formal requirement of the security evaluation criteria.

Documents Every DBA Should Read

• Note 174340.1 - Audit SYS User Operations (How to Audit SYSDBA)
• Note 553225.1 - How To Set the AUDIT_SYSLOG_LEVEL Parameter
• Note 1299033.1 - Master Note For Oracle Database Auditing
• Note 1171314.1 - Huge/Large/Excessive Number Of Audit Records Are Being Generated In The Database
• Note 1509723.1 - Oracle Database Auditing Performance

Top Threats Effect on Database Server

• Malware
  • Software designed to infiltrate or damage a computer system without the owner's informed consent. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.

Report from Verizon: "69% breaches incorporated malware"

http://www.wired.com/images_blogs/threatlevel/2012/03/Verizon-Data-Breach-Report-2012.pdf

Top Threats Effect on Database Server

• Malware includes computer viruses, worms, trojan horses, spyware, adware, most rootkits, and other malicious programs. In law, malware is sometimes known as a computer contaminant in various legal codes.

Top Threats Effect on Database Server

Most common ports

Windows: netstat -an | findstr <port number>
Linux:   netstat -an | grep <port number>

Name              Protocol   Ports
Back Orifice      UDP        31337 or 31338
Deep Throat       UDP        2140 and 3150
Net Bus           TCP        12345 and 12346
Whack-a-mole      TCP        12361 and 12362
Net Bus 2 Pro     TCP        20034
Girlfriend        TCP        21544
Master Paradise   TCP        3129, 40421, 40422, 40423 and 40426
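One way to run the check above over a whole `netstat -an` capture instead of one port at a time, as an added example that is not part of the original deck. The sample output is constructed, the function names are assumptions, and only the Linux and Windows layouts named on the slide are parsed.

```python
import re

# (protocol, port) -> name, taken from the table on the slide.
_TABLE = [
    ("Back Orifice", "udp", (31337, 31338)),
    ("Deep Throat", "udp", (2140, 3150)),
    ("Net Bus", "tcp", (12345, 12346)),
    ("Whack-a-mole", "tcp", (12361, 12362)),
    ("Net Bus 2 Pro", "tcp", (20034,)),
    ("Girlfriend", "tcp", (21544,)),
    ("Master Paradise", "tcp", (3129, 40421, 40422, 40423, 40426)),
]
SUSPECT_PORTS = {
    (proto, port): name for name, proto, ports in _TABLE for port in ports
}

# Constructed sample: Linux layout first, then Windows layout.
SAMPLE_NETSTAT = """\
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:1521            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:12345           0.0.0.0:*               LISTEN
tcp        0      0 10.0.0.5:40421          10.0.0.9:1521           ESTABLISHED
tcp6       0      0 :::22                   :::*                    LISTEN
udp        0      0 0.0.0.0:31337           0.0.0.0:*
udp        0      0 0.0.0.0:12345           0.0.0.0:*
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:20034          0.0.0.0:0              LISTENING
  UDP    0.0.0.0:2140           *:*
"""


def parse_socket(line):
    """Return (proto, local_port, is_listener) or None for non-socket lines."""
    fields = line.split()
    if len(fields) < 3:
        return None
    proto = fields[0].lower().rstrip("46")  # tcp6/udp6 -> tcp/udp
    if proto not in ("tcp", "udp"):
        return None  # header or unrelated line
    # Linux prints Recv-Q and Send-Q (numbers) before the local address.
    if fields[1].isdigit():
        if len(fields) < 5:
            return None
        local = fields[3]
    else:
        local = fields[1]
    match = re.search(r":(\d+)$", local)
    if not match:
        return None
    # UDP has no state column; for TCP only count sockets in a listen state,
    # so an outbound connection that happens to use such a port is ignored.
    listener = proto == "udp" or fields[-1].upper().startswith("LISTEN")
    return proto, int(match.group(1)), listener


def find_suspect_sockets(netstat_output):
    """List (name, proto, port) for listeners on the ports in the table."""
    hits = []
    for line in netstat_output.splitlines():
        parsed = parse_socket(line)
        if parsed is None:
            continue
        proto, port, listener = parsed
        name = SUSPECT_PORTS.get((proto, port))
        if name and listener:
            hits.append((name, proto, port))
    return hits


if __name__ == "__main__":
    for name, proto, port in find_suspect_sockets(SAMPLE_NETSTAT):
        print(f"{proto}/{port} is listening: port associated with {name}")
```

A hit means something is listening on a port from the table, which is a reason to identify the owning process, not proof of infection.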

Top Threats Effect on Database Server

• Storage/backup media exposure

• When data is saved to tape, you want to be confident that the data will be accessible decades from now as well as tomorrow

• Backup database storage media is often completely unprotected from attack. As a result, several high-profile security breaches have involved theft of database backup tapes and hard disks

• Always remember: company data means money to another person

Top Threats Effect on Database Server

• Unpatched database
  • Oracle provides something called Critical Patch Updates
  • Critical Patch Updates are collections of security fixes for Oracle products
• They are released on the Tuesday closest to the 17th day of January, April, July and October. The next four dates are:
  • 17th day of January
  • 15 April 2014
  • 15 July 2014
  • 14 October 2014
  • 20 January 2015

http://www.oracle.com/technetwork/topics/security/alerts-086861.html

Top Threats Effect on Database Server

Top Threats Effect on Database Server

• Another thing that should be followed and monitored:
  • Security Alerts
• Oracle will issue Security Alerts for vulnerability fixes deemed too critical to wait for distribution in the next Critical Patch Update

Top Threats Effect on Database Server

• Unsecured sensitive data

• Who has access to company data?

• Does the company meet requirements?

• What will make the hacker rich?

• What could damage the reputation of the organization?

Top Threats Effect on Database Server

• Limited education/trained end users
  • Humans are the weakest link in information security
  • The errors committed by the human elements of an organization remain a major contributor to data loss incidents worldwide
• What do we want to accomplish by making users aware of security?
  • Encourage safe usage habits and discourage unsafe behavior
  • Change user perceptions of information security
  • Inform users about how to recognize and react to potential threats
  • Educate users about information security techniques they can use

Top Threats Effect on Database Server

• Challenges
  • Delivering a desired message to the end user
  • Motivating users to take a personal interest in information security
  • Giving end-user security awareness a higher priority within organizations
  • No budget in the company for security awareness

How to Secure Database

• What should I do to secure the database?
  • Set a good password policy
    • No password reuse
    • Strong passwords
  • Keep up to date with security patches
  • Check firewall level
    • Trusted connections only
    • Block unused ports
  • Encryption
    • Network level
      • SSL
    • File level, such as backup
    • Database, such as sensitive data
  • Monitor database
    • Periodically check for users with database administration privileges

How to Secure Database

• Audit your web applications
  • Misconfigurations
• Log as much as possible
  • Failed logins
  • Permissions errors
• Your data is your money, protect it
• Train IT staff on database security
• Always ask for professional services

Thanks For LAOUC

OsamaOracle

osamamustafagurussolutionscom

http://osamamustafa.blogspot.com

Osama Mustafa

  • Slide 1
  • Overview
  • Who Am I
  • GoogIe Search
  • Introduction
  • Introduction (2)
  • Introduction (3)
  • Slide 8
  • Slide 9
  • Why Database Security Is Important
  • Why Database Security Is Important (2)
  • Laws about Security
  • How Database are Hacked
  • How Database are Hacked (2)
  • Elements Of Security
  • Triangle of Security
  • What The Hacker Do
  • Attack Oracle-Database Server
  • Top Threats Effect on Database Server
  • Top Threats Effect on Database Server (2)
  • Slide 21
  • Voyager Beta worm
  • Slide 23
  • Slide 24
  • Slide 25
  • Slide 26
  • Slide 27
  • Slide 28
  • Slide 29
  • Slide 30
  • Slide 31
  • Slide 32
  • Slide 33
  • Slide 34
  • Slide 35
  • Slide 36
  • Slide 37
  • Slide 38
  • Slide 39
  • Slide 40
  • Slide 41
  • Slide 42
  • Slide 43
  • Slide 44
  • Slide 45
  • Slide 46
  • Slide 47
  • Slide 48
  • Slide 49
Page 2: Oracle database threats - LAOUC Webinar

Overview

bull Introductionbull Why Database security is important bull How Database Are hacked bull How to Protect against Database Attack bull Conclusionbull Referencebull Q amp A

Who Am I

bull Certified OCPOCEOCS 10g11gbull Oracle ACE bull Certified Ethical hacker LPTbull Sun Linux Certified bull Author Of Oracle Penetration testing bookbull Presenter amp Contributor in Oracle Community

OsamaOracle

osamamustafagurussolutionscom

httposamamustafablogspotcom

Osama Mustafa

GoogIe Search

Without Oracle With Oracle

Introduction

bull10 January 2014 Target data theft affected 70 million customersbullData Theft is Becoming Major ThreatbullData Theft is Bank of goldbull90 of companies say theyve been hackedbullMost of the Target Data are Personal Stuff Such as

Credit Card Account Number and Passwords

Revising the Top 10 Data Loss Incidents list

Introduction

ldquoYour Personal Data is Worth Pretty Penny But it All Depends On Who Wants itrdquo TrendMicro Average for personal Data Between 0$-1200$

If you want to know how much your Personal Data Worth Check this Website httpwwwftcomcmss2927ca86e-d29b-11e2-88ed-00144feab7dehtmlaxzz2ukFAZIUF

Introduction

SURPRISE

bull In 2012 Report from Verizon Data Indicate that 96 of Records breached are from databasebull Less Than 5 of Security Spend on Data Center (WW Security Products )

Introduction

5

95

Data Center

Why Database Security Is Important

bull Database is the most important Data Banking bull Financial Databull ClientCustomer Databull Corporateorganization Data

bull If the database stop working the company will lose moneybull If the database is getting hacked imagine what happened to the

company

bull Ensure the data is confidential and prevent any outsourcing modificationbull Secure database provide an additional benefit which is data

management become more efficient and effectivebull Access to database should be only restricted to authorized people

only unless one thing itrsquos Public Databasebull Secure Database leads to monitor activity and knows

authorized people

Why Database Security Is Important

Laws about Security

bull SOX Sarbanes Oxleybull ldquoprotect investors by improving reliability of corporaterdquo

bull PCI Payment Card industry bull Related to Credit card companies such as Visa Master card

bull GLBA Gramm Leach Bliley Act bull companies that offer consumers financial products or services like loans

bull DATA Data Accountability and Trust Actbull security policies and procedures to protect data containing personal

information

How Database are Hacked

How Database are Hacked

bull As Database Administrator you need to know Threats that can effect on your databasebull Definition of threats context of computer security refers to anything

that has the potential to cause serious harm to a computer system A threat is something that may or may not happen but has the potential to cause serious damage Threats can lead to attacks on computer systems networks and morebull Vulnerability Existence of a weakness design or implementation error

that Existence of a weakness design or implementation error that can lead to an unexpected and undesirable event compromising the security of the system

Elements Of Security

bull Confidentiality bull The concealment of information or resources

bull Authenticitybull The identification and assurance of the origin of information

bull Integritybull The trustworthiness of data or resources in terms of preventing improper and

unauthorized changes

bull Availabilitybull The ability to use the desired information or resource

Triangle of Security

Decide Before Moving The Ball

What The Hacker Do bull Gather Information

bull Active Directly Such as social engineeringbull Passive Google search Social media

bull Scanning bull use some tools for scan vulnerabilities of the system

bull Gaining Accessbull Penetration Phase continue attacking to explore deeper into the target network

bull Maintaining Accessbull Downloading Phase

bull Clearing Tracks

ldquoThe more the hacker learns about your internal operations means the more likely he will be intrude and exploit So be Securerdquo

Attack Oracle-Database Server

bull Database servers are usually hacked to get the critical informationbull Mistakes made by the web designers can reveal the databases of the

server to the hacker

bull Finding an Oracle database server on network is done using TCP port scanbull Once Oracle Database Server has been discovered First Port of call is

TNS Listener

Top Threats Effect on Database Server

bull Unused Privileges-bull When user are Granted Database access Privileges that exceed requirement

of their job these Privileges can lead to major issue if the user was know what he is doing

bull REVOKE CREATE DATABASE LINK FROM connectbull REVOKE EXECUTE ON utl_tcp FROM publicbull REVOKE EXECUTE ON utl_smtp FROM publicbull REVOKE EXECUTE ON utl_http FROM publicbull REVOKE EXECUTE ON utl_mail FROM publicbull REVOKE EXECUTE ON utl_inaddr FROM publicbull REVOKE EXECUTE ON utl_file FROM publicbull REVOKE EXECUTE ON dbms_java FROm public

Top Threats Effect on Database Server

bull httpsupportoraclecom

bull Review database user privilegesbull Note 10202866 - Script to Create View to Show All User Privs

Note 10502676 - SCRIPT Script to show table privileges for users and rolesNote 10201766 - SCRIPT Script to Generate object privilege GRANTS

bull Revoke privileges from PUBLIC where not necessarybull Note 2470931 - Be Cautious When Revoking Privileges Granted to PUBLIC

Note 2345511 - PUBLIC Is it a User a Role a User Group a Privilege Note 3902251 - Execute Privileges Are Reset For Public After Applying Patchset

bull Weak Authenticationbull Most common Default Password for Database

Username Password

Sys Manager

Sys System

Sys Oracle

System Same as sys

Apps Apps ( EBS User )

scott tiger

Top Threats Effect on Database Server

Oracle Default Password List By Pete Finniganhttpwwwpetefinnigancomdefaultdefault_password_listhtm

Voyager Beta worm

bull On 20-december 2005 an anonymous poster (kwbbwifindnotcom ) posted an variant of the Oracle Voyager Wormbull Read more About this Worm bull httpwwwred-database-securitycomadvisoryoracle_worm_voyagerhtml

bull attacks Oracle servers using default accounts and passwordbull It attempts a TCP connection to TCP Port 1521 Where oracle

connection Service listensbull If Ok Then Tries Series of Username and passwordbull Systemmanager syschange_on_install dbsnmpdbsnmp scotttiger

bull Authenticate Ok It will create table to transfer payload

bull Denial of service (DoS) -bull Common DoS techniques include buffer overflows data corruption network

flooding and resource consumptionbull It is an attack through which a person can render a system unusable or

significantly slow it down for system unusable or significantly slow it down for legitimate users by overloading its resources

bull Attackers maybull Attempt to flood a network thereby preventing legitimate network trafficbull Attempt to disrupt connections between two machines thereby Attempt to disrupt

connections between two machines thereby preventing access to a servicebull Attempt to prevent a particular individual from accessing a servicebull Attempt to disrupt service to a specific system or person

Top Threats Effect on Database Server

bull The Impact-bull Disabled networkbull Disabled organizationbull Financial lossbull Loss of goodwill

bull DoS Attack Classification-bull Smurf - Generates a large amount of ICMP echo (ping)bull Buffer Overflow Attack - The program writes more information into the bufferbull Ping of death - Send IP Packets larger than the 65536 Bytes bull Teardrop - IP Requires that packet that is too large for next Routerbull SYN Attack - Sends bogus TCP SYN requests to a victim server

Top Threats Effect on Database Server

bull Examples DoS Attack Tools -bull Jolt2bull Buboniccbull Land and LaTierrabull Targabull Blast20bull Nemesybull Panther2bull Crazy Pingerbull Some Troublebull UDP Floodbull FSMax

Top Threats Effect on Database Server

Top Threats Effect on Database Server

bull SQL Injectionbull type of security exploit in which the attacker injects Structured Query

Language (SQL) code through a web form input box to gain Structured Query Language (SQL) code through a web form input box to gain access to resources or make changes to databull Programmer use sequential commands with user inputs making it easier for

attackers to inject commandsbull Attacker can do SQL Commands through web applicationbull For Example when a user logs onto a web page by using a user name and

password for validation a SQL query is user name and password for validation a SQL query is usedbull What I Need Any Web Browser

bull What Should I look For in SQL Injection bull HTML method

bull POST you cannot see any parameters in browserbull GET

bull Check HTML Source CodeltForm action=searchasp method=postgt ltinput type=hidden name=X value=ZgtltFormgt

bull Examples bull http wwwmywebsitecom indexaspid=10

Top Threats Effect on Database Server

Top Threats Effect on Database Server

If you get this error then the website is vulnerable to an SQL injection attack

Top Threats Effect on Database Server

bull But Wait How Can I Test SQL Injection bull Different Way Different Toolsbull Easy Way to use Single Quote in the input

bull Examples bull bull blahrsquo or 1=1mdashbull Loginblahrsquo or 1=1mdashbull bull Passwordblahrsquo or 1=1mdash

http wwwmywebsitecom indexaspid=10

Will be like thishttp wwwmywebsitecomindexaspid=blahrsquo or 1=1--

bull Another examples for single quote usage in SQL Injection bull lsquo or 1=1mdashbull ldquo or 1=1mdashbull lsquo or lsquoarsquo=lsquoabull ldquo or ldquoardquo=ldquoabull lsquo) or (lsquoarsquo=lsquoa)

bull The hacker breaks into the system by injecting malformed SQL into the query because the executed query is formed by the concatenation of a fixed string and values entered by the userbull string strQry = SELECT Count() FROM Users WHERE UserName= + txtUserText + AND

Password= + txtPasswordText +

Top Threats Effect on Database Server

Top Threats Effect on Database Server

bull If the user enter valid username and password the query strQry will be changedLike this SELECT Count() FROM Users WHERE UserName=Paul AND Password=passwordlsquo

bull But The Hacker will not leave weak code Alone and he will enter - Or 1=1 ndash

bull The New Query Will be SELECT Count() FROM Users WHERE UserName= Or 1=1 -- AND Password=

bull 1=1 is always true for every row in the table so assuming there is at least one row in the table this SQL always return nonzero count of records

Top Threats Effect on Database Server

bull Weak Audit Trail

In God I trust For everyone else I keep log files

Performance impacts

Determine what is important to be audited

Top Threats Effect on Database Server

Limited Resource

Which Mechanism Of Audit Trail I should Use

No End-To-End Auditing

Top Threats Effect on Database Server

Application

Top Threats Effect on Database Server

bull Whether database auditing is enabled or disabled Oracle will always audit certain database actions into the OS audit trail There is no way to change this behavior because it is a formal requirement of the security evaluation criteria

Documents Every DBA Should Read

bull NOTE1743401 - Audit SYS User Operations (How to Audit SYSDBA)bull NOTE5532251 - How To Set the AUDIT_SYSLOG_LEVEL Parameter bull NOTE12990331- Master Note For Oracle Database Auditingbull Note 1743401 - Audit SYS User Operationsbull note 11713141 HugeLargeExcessive Number Of Audit Records Are Being Generated In The

Databasebull Note 15097231 - Oracle Database Auditing Performance

Top Threats Effect on Database Server

bull Malwarebull is software designed to infiltrate or damage a computer system without the

owners informed consent The expression is a general term used by computer professionals to mean a variety of forms of hostile intrusive or annoying software or program code

Report From Verizon Data-ldquo69 breaches incorporated malwarerdquo

httpwwwwiredcomimages_blogsthreatlevel201203Verizon-Data-Breach-Report-2012pdf

Top Threats Effect on Database Server

bull Malware includes computer viruses worms trojan horses spyware adware most rootkits and other malicious programs In law malware is sometimes known as a computer contaminant in various legal codes

Top Threats Effect on Database Server

Most Common Ports-

Windows netstat ndashan | findstr ltport numbergtLinux netstat ndashan | grep ltport numbergt

Name Protocol Ports

Back Office UDP 31337 Or 31338Deep Throat UDP 2140 and 3150Net Bus TCP 12345 and 12346Whack-a-mole TCP 12361 and 12362Net Bus 2 Pro TCP 20034Girlfriend TCP 21544Master Paradise TCP 3129 40421 40422

40423 and 40426

Top Threats Effect on Database Server

bull StorageBackup Media Exposure

bull When data is saved to tape you want to be confident that data will be accessible decades from now as well as tomorrow

bull Backup database storage media is often completely unprotected from attack As a result several high profile security breaches have involved theft of database backup tapes and hard disks

bull Always Remember Company Data Means Money to another Person

Top Threats Effect on Database Server

bull Unpatched Database bull Oracle Provide Something Called Critical Patch Updatesbull Critical Patch Updates are collections of security fixes for Oracle products

bull They are released on the Tuesday closest to the 17th day of January April July and October The next four dates arebull 17th day of Januarybull 15 April 2014bull 15 July 2014bull 14 October 2014bull 20 January 2015

httpwwworaclecomtechnetworktopicssecurityalerts-086861html

Top Threats Effect on Database Server

Top Threats Effect on Database Server

bull Another Thing should be follow and Monitored which is bull Security Alerts

bull Oracle will issue Security Alerts for vulnerability fixes deemed too critical to wait for distribution in the next Critical Patch Update

Top Threats Effect on Database Server

bull Unsecure Sensitive Data-

bull Who has access to company data

bull Dose the company meet requirement

bull What Will make the Hacker Rich

bull What Could damage the reputation of the organization

Top Threats Effect on Database Server

• Limited Education/Trained End Users
  • Humans are the weakest link in information security.
  • The errors committed by the human elements of an organization remain a major contributor to data loss incidents worldwide.

• What do we want to accomplish by making users aware of security?
  • Encourage safe usage habits and discourage unsafe behavior
  • Change user perceptions of information security
  • Inform users about how to recognize and react to potential threats
  • Educate users about information security techniques they can use

Top Threats Effect on Database Server

• Challenges
  • Delivering a desired message to the end user
  • Motivating users to take a personal interest in information security
  • Giving end-user security awareness a higher priority within organizations
  • No budget in the company for security awareness

How to Secure Database

• What should I do to secure the database?
  • Set a good password policy
    • No password reuse
    • Strong passwords
  • Keep up to date with security patches
  • Check firewall level
    • Trusted connections only
    • Block unused ports
  • Encryption
    • Network level
      • SSL
    • File level, such as backups
    • Database level, such as sensitive data
  • Monitor the database
    • Periodically check for users with database administration privileges

How to Secure Database

• Audit your web applications
  • Misconfigurations
• Log as much as possible
  • Failed logins
  • Permission errors
• Your data is your money: protect it
• Train IT staff on database security
• Always ask for professional services

Thanks For LAOUC

OsamaOracle

osamamustafa@gurussolutions.com

http://osamamustafa.blogspot.com

Osama Mustafa


Why Database Security Is Important

• The database is the most important data bank:
  • Financial data
  • Client/customer data
  • Corporate/organization data
• If the database stops working, the company will lose money.
• If the database gets hacked, imagine what happens to the company.
• Ensure the data is confidential and prevent any outside modification.
• A secure database provides an additional benefit: data management becomes more efficient and effective.
• Access to the database should be restricted to authorized people only, unless it is a public database.
• Securing the database leads to monitoring activity and knowing who the authorized people are.

Laws about Security

• SOX: Sarbanes-Oxley
  • "protect investors by improving reliability of corporate"
• PCI: Payment Card Industry
  • Related to credit card companies such as Visa and MasterCard
• GLBA: Gramm-Leach-Bliley Act
  • Companies that offer consumers financial products or services like loans
• DATA: Data Accountability and Trust Act
  • Security policies and procedures to protect data containing personal information

How Database are Hacked

• As a database administrator, you need to know the threats that can affect your database.
• Threat: in the context of computer security, a threat refers to anything that has the potential to cause serious harm to a computer system. A threat is something that may or may not happen but has the potential to cause serious damage. Threats can lead to attacks on computer systems, networks and more.
• Vulnerability: the existence of a weakness, design or implementation error that can lead to an unexpected and undesirable event compromising the security of the system.

Elements Of Security

• Confidentiality
  • The concealment of information or resources
• Authenticity
  • The identification and assurance of the origin of information
• Integrity
  • The trustworthiness of data or resources in terms of preventing improper and unauthorized changes
• Availability
  • The ability to use the desired information or resource

Triangle of Security

Decide Before Moving The Ball

What The Hacker Do

• Gather information
  • Active: directly, such as social engineering
  • Passive: Google search, social media
• Scanning
  • Use some tools to scan for vulnerabilities in the system
• Gaining access
  • Penetration phase: continue attacking to explore deeper into the target network
• Maintaining access
  • Downloading phase
• Clearing tracks

"The more the hacker learns about your internal operations, the more likely he will intrude and exploit. So be secure."

Attack Oracle-Database Server

• Database servers are usually hacked to get critical information.
• Mistakes made by web designers can reveal the databases of the server to the hacker.
• Finding an Oracle database server on a network is done using a TCP port scan.
• Once an Oracle database server has been discovered, the first port of call is the TNS Listener.

Top Threats Effect on Database Server

• Unused Privileges
  • When users are granted database access privileges that exceed the requirements of their job, these privileges can lead to major issues if the user knows what he is doing.

    REVOKE CREATE DATABASE LINK FROM connect;
    REVOKE EXECUTE ON utl_tcp FROM public;
    REVOKE EXECUTE ON utl_smtp FROM public;
    REVOKE EXECUTE ON utl_http FROM public;
    REVOKE EXECUTE ON utl_mail FROM public;
    REVOKE EXECUTE ON utl_inaddr FROM public;
    REVOKE EXECUTE ON utl_file FROM public;
    REVOKE EXECUTE ON dbms_java FROM public;

Top Threats Effect on Database Server

• http://support.oracle.com
• Review database user privileges
  • Note 1020286.6 - Script to Create View to Show All User Privs
  • Note 1050267.6 - SCRIPT: Script to show table privileges for users and roles
  • Note 1020176.6 - SCRIPT: Script to Generate object privilege GRANTS
• Revoke privileges from PUBLIC where not necessary
  • Note 247093.1 - Be Cautious When Revoking Privileges Granted to PUBLIC
  • Note 234551.1 - PUBLIC: Is it a User, a Role, a User Group, a Privilege?
  • Note 390225.1 - Execute Privileges Are Reset For Public After Applying Patchset

• Weak Authentication
  • Most common default passwords for the database:

Username  Password
Sys       Manager
Sys       System
Sys       Oracle
System    Same as sys
Apps      Apps (EBS user)
scott     tiger

Top Threats Effect on Database Server

Oracle Default Password List by Pete Finnigan: http://www.petefinnigan.com/default/default_password_list.htm

Voyager Beta worm

• On 20 December 2005, an anonymous poster (kwbbwi@findnot.com) posted a variant of the Oracle Voyager worm.
• Read more about this worm: http://www.red-database-security.com/advisory/oracle_worm_voyager.html
• It attacks Oracle servers using default accounts and passwords.
• It attempts a TCP connection to TCP port 1521, where the Oracle connection service listens.
• If that succeeds, it tries a series of usernames and passwords: system/manager, sys/change_on_install, dbsnmp/dbsnmp, scott/tiger.
• If authentication succeeds, it creates a table to transfer the payload.

• Denial of Service (DoS)
  • Common DoS techniques include buffer overflows, data corruption, network flooding and resource consumption.
  • It is an attack through which a person can render a system unusable, or significantly slow it down for legitimate users, by overloading its resources.
• Attackers may:
  • Attempt to flood a network, thereby preventing legitimate network traffic
  • Attempt to disrupt connections between two machines, thereby preventing access to a service
  • Attempt to prevent a particular individual from accessing a service
  • Attempt to disrupt service to a specific system or person

Top Threats Effect on Database Server

• The Impact
  • Disabled network
  • Disabled organization
  • Financial loss
  • Loss of goodwill
• DoS Attack Classification
  • Smurf - Generates a large amount of ICMP echo (ping)
  • Buffer Overflow Attack - The program writes more information into the buffer
  • Ping of death - Sends IP packets larger than the 65536 bytes
  • Teardrop - IP requires that packet that is too large for next router
  • SYN Attack - Sends bogus TCP SYN requests to a victim server

Top Threats Effect on Database Server

• Examples of DoS Attack Tools
  • Jolt2
  • Bubonic.c
  • Land and LaTierra
  • Targa
  • Blast20
  • Nemesy
  • Panther2
  • Crazy Pinger
  • Some Trouble
  • UDP Flood
  • FSMax

Top Threats Effect on Database Server

• SQL Injection
  • A type of security exploit in which the attacker injects Structured Query Language (SQL) code through a web form input box to gain access to resources or make changes to data.
  • Programmers use sequential commands with user inputs, making it easier for attackers to inject commands.
  • The attacker can run SQL commands through the web application.
  • For example, when a user logs onto a web page by using a user name and password for validation, a SQL query is used.
  • What do I need? Any web browser.

• What should I look for in SQL injection?
  • HTML method
    • POST: you cannot see any parameters in the browser
    • GET
  • Check the HTML source code:
    <Form action=search.asp method=post> <input type=hidden name=X value=Z> </Form>
  • Example: http://www.mywebsite.com/index.asp?id=10

Top Threats Effect on Database Server

If you get this error then the website is vulnerable to an SQL injection attack

Top Threats Effect on Database Server

• But wait, how can I test for SQL injection?
  • Different ways, different tools
  • The easy way is to use a single quote in the input
• Examples:
  • blah' or 1=1--
  • Login: blah' or 1=1--
  • Password: blah' or 1=1--

http://www.mywebsite.com/index.asp?id=10
will be like this:
http://www.mywebsite.com/index.asp?id=blah' or 1=1--

• Other examples of single quote usage in SQL injection:
  • ' or 1=1--
  • " or 1=1--
  • ' or 'a'='a
  • " or "a"="a
  • ') or ('a'='a)

• The hacker breaks into the system by injecting malformed SQL into the query, because the executed query is formed by the concatenation of a fixed string and values entered by the user:

    string strQry = "SELECT Count(*) FROM Users WHERE UserName='" + txtUser.Text + "' AND Password='" + txtPassword.Text + "'";

Top Threats Effect on Database Server

• If the user enters a valid username and password, the query strQry will look like this:

    SELECT Count(*) FROM Users WHERE UserName='Paul' AND Password='password'

• But the hacker will not leave weak code alone, and he will enter: ' Or 1=1 --

• The new query will be:

    SELECT Count(*) FROM Users WHERE UserName='' Or 1=1 --' AND Password=''

• 1=1 is always true for every row in the table, so assuming there is at least one row in the table, this SQL always returns a nonzero count of records.
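The concatenated query from the slide and its parameterized replacement, run side by side on the same inputs. This is an added example, not code from the original slides: it is written in Python with the standard-library sqlite3 module standing in for the database, and the table rows and function names are constructed for illustration.

```python
import sqlite3


def make_db():
    """In-memory stand-in for the Users table on the slide (constructed rows)."""
    db = sqlite3.connect(":memory:")
    # Plain-text password column only because it mirrors the slide's query.
    db.execute("CREATE TABLE Users (UserName TEXT, Password TEXT)")
    db.executemany(
        "INSERT INTO Users VALUES (?, ?)",
        [("Paul", "password"), ("O'Brien", "s3cret")],
    )
    return db


def login_concatenated(db, user, password):
    """Vulnerable form from the slide: input is pasted into the SQL text."""
    qry = ("SELECT Count(*) FROM Users WHERE UserName='" + user +
           "' AND Password='" + password + "'")
    return db.execute(qry).fetchone()[0] > 0


def login_parameterized(db, user, password):
    """Hardened form: the SQL text is fixed and input travels as bound values."""
    qry = "SELECT Count(*) FROM Users WHERE UserName=? AND Password=?"
    return db.execute(qry, (user, password)).fetchone()[0] > 0


def compare(user, password):
    """Run both login checks on the same input and report what each one did."""
    db = make_db()
    try:
        weak = login_concatenated(db, user, password)
    except sqlite3.OperationalError:
        weak = "syntax error"  # the input broke the statement itself
    strong = login_parameterized(db, user, password)
    db.close()
    return {"concatenated": weak, "parameterized": strong}


if __name__ == "__main__":
    cases = [
        ("Paul", "password"),    # valid login
        ("Paul", "wrong"),       # wrong password
        ("' Or 1=1 --", ""),     # the input shown on the slide
        ("O'Brien", "s3cret"),   # legitimate name that contains a quote
    ]
    for user, password in cases:
        print(repr(user), compare(user, password))
```

The last case shows the same flaw from the other side: a legitimate name containing a quote breaks the concatenated statement but logs in normally through bound parameters. Against Oracle the equivalent fix is a bind variable in the statement text instead of a concatenated literal.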

Top Threats Effect on Database Server

• Weak Audit Trail

"In God I trust. For everyone else, I keep log files."

• Performance impacts
• Determine what is important to be audited
• Limited resources
• Which audit trail mechanism should I use?
• No end-to-end auditing
• Application

Top Threats Effect on Database Server

• Whether database auditing is enabled or disabled, Oracle will always audit certain database actions into the OS audit trail. There is no way to change this behavior because it is a formal requirement of the security evaluation criteria.

Documents Every DBA Should Read

• NOTE:174340.1 - Audit SYS User Operations (How to Audit SYSDBA)
• NOTE:553225.1 - How To Set the AUDIT_SYSLOG_LEVEL Parameter
• NOTE:1299033.1 - Master Note For Oracle Database Auditing
• Note 174340.1 - Audit SYS User Operations
• Note 1171314.1 - Huge/Large/Excessive Number Of Audit Records Are Being Generated In The Database
• Note 1509723.1 - Oracle Database Auditing Performance

Top Threats Effect on Database Server

• Malware
  • Software designed to infiltrate or damage a computer system without the owner's informed consent. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive or annoying software or program code.
  • Malware includes computer viruses, worms, trojan horses, spyware, adware, most rootkits and other malicious programs. In law, malware is sometimes known as a computer contaminant in various legal codes.

Report from Verizon Data: "69% of breaches incorporated malware"

http://www.wired.com/images_blogs/threatlevel/2012/03/Verizon-Data-Breach-Report-2012.pdf

Top Threats Effect on Database Server

Most Common Ports-

Windows netstat ndashan | findstr ltport numbergtLinux netstat ndashan | grep ltport numbergt

Name Protocol Ports

Back Office UDP 31337 Or 31338Deep Throat UDP 2140 and 3150Net Bus TCP 12345 and 12346Whack-a-mole TCP 12361 and 12362Net Bus 2 Pro TCP 20034Girlfriend TCP 21544Master Paradise TCP 3129 40421 40422

40423 and 40426

Top Threats Effect on Database Server

bull StorageBackup Media Exposure

bull When data is saved to tape you want to be confident that data will be accessible decades from now as well as tomorrow

bull Backup database storage media is often completely unprotected from attack As a result several high profile security breaches have involved theft of database backup tapes and hard disks

bull Always Remember Company Data Means Money to another Person

Top Threats Effect on Database Server

bull Unpatched Database bull Oracle Provide Something Called Critical Patch Updatesbull Critical Patch Updates are collections of security fixes for Oracle products

bull They are released on the Tuesday closest to the 17th day of January April July and October The next four dates arebull 17th day of Januarybull 15 April 2014bull 15 July 2014bull 14 October 2014bull 20 January 2015

httpwwworaclecomtechnetworktopicssecurityalerts-086861html

Top Threats Effect on Database Server

Top Threats Effect on Database Server

bull Another Thing should be follow and Monitored which is bull Security Alerts

bull Oracle will issue Security Alerts for vulnerability fixes deemed too critical to wait for distribution in the next Critical Patch Update

Top Threats Effect on Database Server

bull Unsecure Sensitive Data-

bull Who has access to company data

bull Dose the company meet requirement

bull What Will make the Hacker Rich

bull What Could damage the reputation of the organization

Top Threats Effect on Database Server

bull Limited EducationTrained end users-

bull Humans are the weakest link in the information securitybull The errors committed by the human elements of an organization remain a major contributor to

data loss incidents worldwide

bull What do we want to accomplish by making users aware of security

bull Encourage safe usage habits and discourage unsafe behaviorbull Change user perceptions of information securitybull Inform users about how to recognize and react to potential threatsbull Educate users about information security techniques they can use

Top Threats Effect on Database Server

bull Challenges-bull Delivering a desired message to the end-userbull Motivating users to take a personal interest in information securitybull Giving end user security awareness a higher priority within organizationsbull No Budget in the company for Security Awareness

How to Secure Database

bull What Should I Do to Secure Database bull Set a good password policy

bull No password reusebull Strong passwords

bull Keep up to date with security patchesbull Check Firewall level

bull Trusted Connection Only bull Block Unused Ports

bull Encryptionbull network level

bull SSLbull File Level Such as Backupbull Database Such As Sensitive Data

bull Monitor Databasebull Periodically check for users with database administration privileges

How to Secure Database

bull audit your web applicationsbull Misconfigurations

bull Log as much as possiblebull Failed loginsbull Permissions errors

bull Your Data is your money protect itbull Train IT staff on database securitybull Always Ask For Professional Services

Thanks For LAOUC

OsamaOracle

osamamustafagurussolutionscom

httposamamustafablogspotcom

Osama Mustafa

  • Slide 1
  • Overview
  • Who Am I
  • GoogIe Search
  • Introduction
  • Introduction (2)
  • Introduction (3)
  • Slide 8
  • Slide 9
  • Why Database Security Is Important
  • Why Database Security Is Important (2)
  • Laws about Security
  • How Database are Hacked
  • How Database are Hacked (2)
  • Elements Of Security
  • Triangle of Security
  • What The Hacker Do
  • Attack Oracle-Database Server
  • Top Threats Effect on Database Server
  • Top Threats Effect on Database Server (2)
  • Slide 21
  • Voyager Beta worm
  • Slide 23
  • Slide 24
  • Slide 25
  • Slide 26
  • Slide 27
  • Slide 28
  • Slide 29
  • Slide 30
  • Slide 31
  • Slide 32
  • Slide 33
  • Slide 34
  • Slide 35
  • Slide 36
  • Slide 37
  • Slide 38
  • Slide 39
  • Slide 40
  • Slide 41
  • Slide 42
  • Slide 43
  • Slide 44
  • Slide 45
  • Slide 46
  • Slide 47
  • Slide 48
  • Slide 49
Page 4: Oracle database threats - LAOUC Webinar

GoogIe Search

Without Oracle With Oracle

Introduction

bull10 January 2014 Target data theft affected 70 million customersbullData Theft is Becoming Major ThreatbullData Theft is Bank of goldbull90 of companies say theyve been hackedbullMost of the Target Data are Personal Stuff Such as

Credit Card Account Number and Passwords

Revising the Top 10 Data Loss Incidents list

Introduction

ldquoYour Personal Data is Worth Pretty Penny But it All Depends On Who Wants itrdquo TrendMicro Average for personal Data Between 0$-1200$

If you want to know how much your Personal Data Worth Check this Website httpwwwftcomcmss2927ca86e-d29b-11e2-88ed-00144feab7dehtmlaxzz2ukFAZIUF

Introduction

SURPRISE

bull In 2012 Report from Verizon Data Indicate that 96 of Records breached are from databasebull Less Than 5 of Security Spend on Data Center (WW Security Products )

Introduction

5

95

Data Center

Why Database Security Is Important

bull Database is the most important Data Banking bull Financial Databull ClientCustomer Databull Corporateorganization Data

bull If the database stop working the company will lose moneybull If the database is getting hacked imagine what happened to the

company

bull Ensure the data is confidential and prevent any outsourcing modificationbull Secure database provide an additional benefit which is data

management become more efficient and effectivebull Access to database should be only restricted to authorized people

only unless one thing itrsquos Public Databasebull Secure Database leads to monitor activity and knows

authorized people

Why Database Security Is Important

Laws about Security

bull SOX Sarbanes Oxleybull ldquoprotect investors by improving reliability of corporaterdquo

bull PCI Payment Card industry bull Related to Credit card companies such as Visa Master card

bull GLBA Gramm Leach Bliley Act bull companies that offer consumers financial products or services like loans

bull DATA Data Accountability and Trust Actbull security policies and procedures to protect data containing personal

information

How Database are Hacked

How Database are Hacked

bull As Database Administrator you need to know Threats that can effect on your databasebull Definition of threats context of computer security refers to anything

that has the potential to cause serious harm to a computer system A threat is something that may or may not happen but has the potential to cause serious damage Threats can lead to attacks on computer systems networks and morebull Vulnerability Existence of a weakness design or implementation error

that Existence of a weakness design or implementation error that can lead to an unexpected and undesirable event compromising the security of the system

Elements Of Security

bull Confidentiality bull The concealment of information or resources

bull Authenticitybull The identification and assurance of the origin of information

bull Integritybull The trustworthiness of data or resources in terms of preventing improper and

unauthorized changes

bull Availabilitybull The ability to use the desired information or resource

Triangle of Security

Decide Before Moving The Ball

What The Hacker Do bull Gather Information

bull Active Directly Such as social engineeringbull Passive Google search Social media

bull Scanning bull use some tools for scan vulnerabilities of the system

bull Gaining Accessbull Penetration Phase continue attacking to explore deeper into the target network

bull Maintaining Accessbull Downloading Phase

bull Clearing Tracks

ldquoThe more the hacker learns about your internal operations means the more likely he will be intrude and exploit So be Securerdquo

Attack Oracle-Database Server

bull Database servers are usually hacked to get the critical informationbull Mistakes made by the web designers can reveal the databases of the

server to the hacker

bull Finding an Oracle database server on network is done using TCP port scanbull Once Oracle Database Server has been discovered First Port of call is

TNS Listener

Top Threats Effect on Database Server

bull Unused Privileges-bull When user are Granted Database access Privileges that exceed requirement

of their job these Privileges can lead to major issue if the user was know what he is doing

bull REVOKE CREATE DATABASE LINK FROM connectbull REVOKE EXECUTE ON utl_tcp FROM publicbull REVOKE EXECUTE ON utl_smtp FROM publicbull REVOKE EXECUTE ON utl_http FROM publicbull REVOKE EXECUTE ON utl_mail FROM publicbull REVOKE EXECUTE ON utl_inaddr FROM publicbull REVOKE EXECUTE ON utl_file FROM publicbull REVOKE EXECUTE ON dbms_java FROm public

Top Threats Effect on Database Server

bull httpsupportoraclecom

bull Review database user privilegesbull Note 10202866 - Script to Create View to Show All User Privs

Note 10502676 - SCRIPT Script to show table privileges for users and rolesNote 10201766 - SCRIPT Script to Generate object privilege GRANTS

bull Revoke privileges from PUBLIC where not necessarybull Note 2470931 - Be Cautious When Revoking Privileges Granted to PUBLIC

Note 2345511 - PUBLIC Is it a User a Role a User Group a Privilege Note 3902251 - Execute Privileges Are Reset For Public After Applying Patchset

bull Weak Authenticationbull Most common Default Password for Database

Username Password

Sys Manager

Sys System

Sys Oracle

System Same as sys

Apps Apps ( EBS User )

scott tiger

Top Threats Effect on Database Server

Oracle Default Password List By Pete Finniganhttpwwwpetefinnigancomdefaultdefault_password_listhtm

Voyager Beta worm

bull On 20-december 2005 an anonymous poster (kwbbwifindnotcom ) posted an variant of the Oracle Voyager Wormbull Read more About this Worm bull httpwwwred-database-securitycomadvisoryoracle_worm_voyagerhtml

bull attacks Oracle servers using default accounts and passwordbull It attempts a TCP connection to TCP Port 1521 Where oracle

connection Service listensbull If Ok Then Tries Series of Username and passwordbull Systemmanager syschange_on_install dbsnmpdbsnmp scotttiger

bull Authenticate Ok It will create table to transfer payload

bull Denial of service (DoS) -bull Common DoS techniques include buffer overflows data corruption network

flooding and resource consumptionbull It is an attack through which a person can render a system unusable or

significantly slow it down for system unusable or significantly slow it down for legitimate users by overloading its resources

bull Attackers maybull Attempt to flood a network thereby preventing legitimate network trafficbull Attempt to disrupt connections between two machines thereby Attempt to disrupt

connections between two machines thereby preventing access to a servicebull Attempt to prevent a particular individual from accessing a servicebull Attempt to disrupt service to a specific system or person

Top Threats Effect on Database Server

bull The Impact-bull Disabled networkbull Disabled organizationbull Financial lossbull Loss of goodwill

bull DoS Attack Classification-bull Smurf - Generates a large amount of ICMP echo (ping)bull Buffer Overflow Attack - The program writes more information into the bufferbull Ping of death - Send IP Packets larger than the 65536 Bytes bull Teardrop - IP Requires that packet that is too large for next Routerbull SYN Attack - Sends bogus TCP SYN requests to a victim server

Top Threats Effect on Database Server

bull Examples DoS Attack Tools -bull Jolt2bull Buboniccbull Land and LaTierrabull Targabull Blast20bull Nemesybull Panther2bull Crazy Pingerbull Some Troublebull UDP Floodbull FSMax

Top Threats Effect on Database Server

Top Threats Effect on Database Server

bull SQL Injectionbull type of security exploit in which the attacker injects Structured Query

Language (SQL) code through a web form input box to gain Structured Query Language (SQL) code through a web form input box to gain access to resources or make changes to databull Programmer use sequential commands with user inputs making it easier for

attackers to inject commandsbull Attacker can do SQL Commands through web applicationbull For Example when a user logs onto a web page by using a user name and

password for validation a SQL query is user name and password for validation a SQL query is usedbull What I Need Any Web Browser

bull What Should I look For in SQL Injection bull HTML method

bull POST you cannot see any parameters in browserbull GET

bull Check HTML Source CodeltForm action=searchasp method=postgt ltinput type=hidden name=X value=ZgtltFormgt

bull Examples bull http wwwmywebsitecom indexaspid=10

Top Threats Effect on Database Server

Top Threats Effect on Database Server

If you get this error then the website is vulnerable to an SQL injection attack

Top Threats Effect on Database Server

bull But Wait How Can I Test SQL Injection bull Different Way Different Toolsbull Easy Way to use Single Quote in the input

bull Examples bull bull blahrsquo or 1=1mdashbull Loginblahrsquo or 1=1mdashbull bull Passwordblahrsquo or 1=1mdash

http wwwmywebsitecom indexaspid=10

Will be like thishttp wwwmywebsitecomindexaspid=blahrsquo or 1=1--

bull Another examples for single quote usage in SQL Injection bull lsquo or 1=1mdashbull ldquo or 1=1mdashbull lsquo or lsquoarsquo=lsquoabull ldquo or ldquoardquo=ldquoabull lsquo) or (lsquoarsquo=lsquoa)

bull The hacker breaks into the system by injecting malformed SQL into the query because the executed query is formed by the concatenation of a fixed string and values entered by the userbull string strQry = SELECT Count() FROM Users WHERE UserName= + txtUserText + AND

Password= + txtPasswordText +

Top Threats Effect on Database Server

Top Threats Effect on Database Server

bull If the user enter valid username and password the query strQry will be changedLike this SELECT Count() FROM Users WHERE UserName=Paul AND Password=passwordlsquo

bull But The Hacker will not leave weak code Alone and he will enter - Or 1=1 ndash

bull The New Query Will be SELECT Count() FROM Users WHERE UserName= Or 1=1 -- AND Password=

bull 1=1 is always true for every row in the table so assuming there is at least one row in the table this SQL always return nonzero count of records

Top Threats Effect on Database Server

bull Weak Audit Trail

In God I trust For everyone else I keep log files

Performance impacts

Determine what is important to be audited

Top Threats Effect on Database Server

Limited Resource

Which Mechanism Of Audit Trail I should Use

No End-To-End Auditing

Top Threats Effect on Database Server

Application

Top Threats Effect on Database Server

bull Whether database auditing is enabled or disabled Oracle will always audit certain database actions into the OS audit trail There is no way to change this behavior because it is a formal requirement of the security evaluation criteria

Documents Every DBA Should Read

bull NOTE1743401 - Audit SYS User Operations (How to Audit SYSDBA)bull NOTE5532251 - How To Set the AUDIT_SYSLOG_LEVEL Parameter bull NOTE12990331- Master Note For Oracle Database Auditingbull Note 1743401 - Audit SYS User Operationsbull note 11713141 HugeLargeExcessive Number Of Audit Records Are Being Generated In The

Databasebull Note 15097231 - Oracle Database Auditing Performance

Top Threats Effect on Database Server

bull Malwarebull is software designed to infiltrate or damage a computer system without the

owners informed consent The expression is a general term used by computer professionals to mean a variety of forms of hostile intrusive or annoying software or program code

Report From Verizon Data-ldquo69 breaches incorporated malwarerdquo

httpwwwwiredcomimages_blogsthreatlevel201203Verizon-Data-Breach-Report-2012pdf

Top Threats Effect on Database Server

bull Malware includes computer viruses worms trojan horses spyware adware most rootkits and other malicious programs In law malware is sometimes known as a computer contaminant in various legal codes

Top Threats Effect on Database Server

Most Common Ports-

Windows netstat ndashan | findstr ltport numbergtLinux netstat ndashan | grep ltport numbergt

Name Protocol Ports

Back Office UDP 31337 Or 31338Deep Throat UDP 2140 and 3150Net Bus TCP 12345 and 12346Whack-a-mole TCP 12361 and 12362Net Bus 2 Pro TCP 20034Girlfriend TCP 21544Master Paradise TCP 3129 40421 40422

40423 and 40426

Top Threats Effect on Database Server

• Storage/Backup Media Exposure

• When data is saved to tape, you want to be confident that data will be accessible decades from now as well as tomorrow.

• Backup database storage media is often completely unprotected from attack. As a result, several high-profile security breaches have involved theft of database backup tapes and hard disks.

• Always remember: company data means money to another person.

Top Threats Effect on Database Server

• Unpatched Database
  • Oracle provides something called Critical Patch Updates
  • Critical Patch Updates are collections of security fixes for Oracle products
  • They are released on the Tuesday closest to the 17th day of January, April, July and October. The next four dates are:
    • 17th day of January
    • 15 April 2014
    • 15 July 2014
    • 14 October 2014
    • 20 January 2015

http://www.oracle.com/technetwork/topics/security/alerts-086861.html

Top Threats Effect on Database Server

• Another thing that should be followed and monitored is Security Alerts
  • Oracle will issue Security Alerts for vulnerability fixes deemed too critical to wait for distribution in the next Critical Patch Update

Top Threats Effect on Database Server

• Unsecure Sensitive Data:

• Who has access to company data?

• Does the company meet requirements?

• What will make the hacker rich?

• What could damage the reputation of the organization?

Top Threats Effect on Database Server

• Limited Education/Trained End Users:
  • Humans are the weakest link in information security
  • The errors committed by the human elements of an organization remain a major contributor to data loss incidents worldwide

• What do we want to accomplish by making users aware of security?
  • Encourage safe usage habits and discourage unsafe behavior
  • Change user perceptions of information security
  • Inform users about how to recognize and react to potential threats
  • Educate users about information security techniques they can use

Top Threats Effect on Database Server

• Challenges:
  • Delivering a desired message to the end user
  • Motivating users to take a personal interest in information security
  • Giving end-user security awareness a higher priority within organizations
  • No budget in the company for security awareness

How to Secure Database

• What should I do to secure the database?
  • Set a good password policy
    • No password reuse
    • Strong passwords
  • Keep up to date with security patches
  • Check firewall level
    • Trusted connections only
    • Block unused ports
  • Encryption
    • Network level
      • SSL
    • File level, such as backups
    • Database, such as sensitive data
  • Monitor the database
  • Periodically check for users with database administration privileges

How to Secure Database

• Audit your web applications
  • Misconfigurations
• Log as much as possible
  • Failed logins
  • Permissions errors
• Your data is your money; protect it
• Train IT staff on database security
• Always ask for professional services

Thanks For LAOUC

OsamaOracle

osamamustafagurussolutionscom

http://osamamustafa.blogspot.com

Osama Mustafa

Page 5: Oracle database threats - LAOUC Webinar

Introduction

• 10 January 2014: Target data theft affected 70 million customers
• Data theft is becoming a major threat
• Data theft is a bank of gold
• 90% of companies say they've been hacked
• Most of the targeted data is personal stuff, such as credit card account numbers and passwords

Revising the Top 10 Data Loss Incidents list

Introduction

"Your Personal Data is Worth Pretty Penny But it All Depends On Who Wants it" (TrendMicro). Average for personal data: between 0$ and 1200$.

If you want to know how much your personal data is worth, check this website: http://www.ft.com/cms/s/2/927ca86e-d29b-11e2-88ed-00144feab7de.html#axzz2ukFAZIUF

Introduction

SURPRISE

• In 2012, a report from Verizon Data indicated that 96% of records breached are from databases
• Less than 5% of security spend is on the data center (WW Security Products)

[Chart: Data Center, 5 / 95]

Why Database Security Is Important

• The database is the most important data bank
  • Financial data
  • Client/customer data
  • Corporate/organization data
• If the database stops working, the company will lose money
• If the database gets hacked, imagine what happens to the company
• Ensure the data is confidential and prevent any outsourcing modification
• A secure database provides an additional benefit: data management becomes more efficient and effective
• Access to the database should be restricted to authorized people only, unless it is a public database
• A secure database leads to monitoring activity and knowing the authorized people

Why Database Security Is Important

Laws about Security

• SOX: Sarbanes Oxley
  • "protect investors by improving reliability of corporate"
• PCI: Payment Card Industry
  • Related to credit card companies such as Visa, Master card
• GLBA: Gramm Leach Bliley Act
  • Companies that offer consumers financial products or services like loans
• DATA: Data Accountability and Trust Act
  • Security policies and procedures to protect data containing personal information

How Database are Hacked

How Database are Hacked

• As a database administrator, you need to know the threats that can affect your database
• Definition of threat: in the context of computer security, it refers to anything that has the potential to cause serious harm to a computer system. A threat is something that may or may not happen but has the potential to cause serious damage. Threats can lead to attacks on computer systems, networks and more.
• Vulnerability: existence of a weakness, design or implementation error that can lead to an unexpected and undesirable event compromising the security of the system

Elements Of Security

• Confidentiality
  • The concealment of information or resources
• Authenticity
  • The identification and assurance of the origin of information
• Integrity
  • The trustworthiness of data or resources in terms of preventing improper and unauthorized changes
• Availability
  • The ability to use the desired information or resource

Triangle of Security

Decide Before Moving The Ball

What The Hacker Do

• Gather Information
  • Active: directly, such as social engineering
  • Passive: Google search, social media
• Scanning
  • Use some tools to scan for vulnerabilities of the system
• Gaining Access
  • Penetration phase: continue attacking to explore deeper into the target network
• Maintaining Access
  • Downloading phase
• Clearing Tracks

"The more the hacker learns about your internal operations, the more likely he will intrude and exploit. So be secure."

Attack Oracle-Database Server

• Database servers are usually hacked to get the critical information
• Mistakes made by the web designers can reveal the databases of the server to the hacker
• Finding an Oracle database server on a network is done using a TCP port scan
• Once an Oracle database server has been discovered, the first port of call is the TNS Listener

Top Threats Effect on Database Server

• Unused Privileges:
  • When users are granted database access privileges that exceed the requirements of their job, these privileges can lead to a major issue if the user knows what he is doing

    REVOKE CREATE DATABASE LINK FROM connect;
    REVOKE EXECUTE ON utl_tcp FROM public;
    REVOKE EXECUTE ON utl_smtp FROM public;
    REVOKE EXECUTE ON utl_http FROM public;
    REVOKE EXECUTE ON utl_mail FROM public;
    REVOKE EXECUTE ON utl_inaddr FROM public;
    REVOKE EXECUTE ON utl_file FROM public;
    REVOKE EXECUTE ON dbms_java FROM public;

Top Threats Effect on Database Server

• http://support.oracle.com

• Review database user privileges
  • Note 1020286.6 - Script to Create View to Show All User Privs
  • Note 1050267.6 - SCRIPT: Script to show table privileges for users and roles
  • Note 1020176.6 - SCRIPT: Script to Generate object privilege GRANTS
• Revoke privileges from PUBLIC where not necessary
  • Note 247093.1 - Be Cautious When Revoking Privileges Granted to PUBLIC
  • Note 234551.1 - PUBLIC: Is it a User, a Role, a User Group, a Privilege?
  • Note 390225.1 - Execute Privileges Are Reset For Public After Applying Patchset

• Weak Authentication
  • Most common default passwords for the database

Username   Password
Sys        Manager
Sys        System
Sys        Oracle
System     Same as sys
Apps       Apps (EBS User)
scott      tiger

Top Threats Effect on Database Server

Oracle Default Password List by Pete Finnigan: http://www.petefinnigan.com/default/default_password_list.htm

Voyager Beta worm

• On 20 December 2005 an anonymous poster (kwbbwi@findnot.com) posted a variant of the Oracle Voyager Worm
  • Read more about this worm: http://www.red-database-security.com/advisory/oracle_worm_voyager.html
• It attacks Oracle servers using default accounts and passwords
• It attempts a TCP connection to TCP port 1521, where the Oracle connection service listens
• If OK, it then tries a series of usernames and passwords
  • system/manager, sys/change_on_install, dbsnmp/dbsnmp, scott/tiger
• If authentication succeeds, it will create a table to transfer the payload

• Denial of service (DoS):
  • Common DoS techniques include buffer overflows, data corruption, network flooding, and resource consumption
  • It is an attack through which a person can render a system unusable, or significantly slow it down for legitimate users, by overloading its resources
• Attackers may:
  • Attempt to flood a network, thereby preventing legitimate network traffic
  • Attempt to disrupt connections between two machines, thereby preventing access to a service
  • Attempt to prevent a particular individual from accessing a service
  • Attempt to disrupt service to a specific system or person

Top Threats Effect on Database Server

• The Impact:
  • Disabled network
  • Disabled organization
  • Financial loss
  • Loss of goodwill
• DoS Attack Classification:
  • Smurf - Generates a large amount of ICMP echo (ping)
  • Buffer Overflow Attack - The program writes more information into the buffer
  • Ping of death - Send IP packets larger than the 65536 bytes
  • Teardrop - IP requires that packet that is too large for next router
  • SYN Attack - Sends bogus TCP SYN requests to a victim server

Top Threats Effect on Database Server

• Examples of DoS Attack Tools:
  • Jolt2
  • Bubonic.c
  • Land and LaTierra
  • Targa
  • Blast20
  • Nemesy
  • Panther2
  • Crazy Pinger
  • Some Trouble
  • UDP Flood
  • FSMax

Top Threats Effect on Database Server

Top Threats Effect on Database Server

• SQL Injection
  • A type of security exploit in which the attacker injects Structured Query Language (SQL) code through a web form input box to gain access to resources or make changes to data
  • Programmers use sequential commands with user inputs, making it easier for attackers to inject commands
  • An attacker can run SQL commands through the web application
  • For example, when a user logs onto a web page by using a user name and password for validation, a SQL query is used
  • What do I need? Any web browser

• What should I look for in SQL injection?
  • HTML method
    • POST: you cannot see any parameters in the browser
    • GET
  • Check the HTML source code:
    <Form action=search.asp method=post> <input type=hidden name=X value=Z> </Form>
  • Examples
    • http://www.mywebsite.com/index.asp?id=10

Top Threats Effect on Database Server

Top Threats Effect on Database Server

If you get this error then the website is vulnerable to an SQL injection attack

Top Threats Effect on Database Server

• But wait, how can I test for SQL injection?
  • Different ways, different tools
  • The easy way is to use a single quote in the input
• Examples
  • blah' or 1=1--
  • Login:blah' or 1=1--
  • Password:blah' or 1=1--

http://www.mywebsite.com/index.asp?id=10

will be like this: http://www.mywebsite.com/index.asp?id=blah' or 1=1--

• Other examples of single quote usage in SQL injection
  • ' or 1=1--
  • " or 1=1--
  • ' or 'a'='a
  • " or "a"="a
  • ') or ('a'='a)

• The hacker breaks into the system by injecting malformed SQL into the query, because the executed query is formed by the concatenation of a fixed string and values entered by the user:

    string strQry = "SELECT Count(*) FROM Users WHERE UserName='" + txtUser.Text + "' AND Password='" + txtPassword.Text + "'";

Top Threats Effect on Database Server

Top Threats Effect on Database Server

• If the user enters a valid username and password, the query strQry will become: SELECT Count(*) FROM Users WHERE UserName='Paul' AND Password='password'

• But the hacker will not leave weak code alone, and he will enter: ' Or 1=1 --

• The new query will be: SELECT Count(*) FROM Users WHERE UserName='' Or 1=1 --' AND Password=''

• 1=1 is always true for every row in the table, so assuming there is at least one row in the table, this SQL always returns a nonzero count of records
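The login query from the slides, as an added example that is not part of the original deck: the concatenated form beside a parameterized one, both run against the slide's own input. Python's sqlite3 stands in for the application's database, and the table rows and function names are constructed for the demo.

```python
import sqlite3

SLIDE_INPUT = "' Or 1=1 --"   # the input shown on the slide


def make_db():
    """In-memory stand-in for the Users table (constructed rows).
    Plaintext passwords mirror the slide's query; real schemas store hashes."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Users (UserName TEXT PRIMARY KEY, Password TEXT)")
    conn.executemany("INSERT INTO Users VALUES (?, ?)",
                     [("Paul", "password"), ("O'Brien", "s3cret")])
    return conn


def build_concatenated(user, password):
    """The slide's pattern: query text assembled from the user's input."""
    return ("SELECT Count(*) FROM Users WHERE UserName='" + user +
            "' AND Password='" + password + "'")


def login_concatenated(conn, user, password):
    """Vulnerable form: the input is parsed as part of the SQL statement."""
    try:
        count = conn.execute(build_concatenated(user, password)).fetchone()[0]
    except sqlite3.OperationalError:
        # A stray quote breaks the statement; this is the error the slides
        # describe as the sign of an injectable page.
        return "sql-error"
    return "granted" if count > 0 else "denied"


def login_parameterized(conn, user, password):
    """Hardened form: input is bound as data and never parsed as SQL."""
    count = conn.execute(
        "SELECT Count(*) FROM Users WHERE UserName=? AND Password=?",
        (user, password)).fetchone()[0]
    return "granted" if count > 0 else "denied"


if __name__ == "__main__":
    conn = make_db()
    cases = [("Paul", "password"), ("Paul", "wrong"),
             (SLIDE_INPUT, ""), ("O'Brien", "s3cret")]
    for user, pw in cases:
        print(repr(user),
              "| concatenated:", login_concatenated(conn, user, pw),
              "| parameterized:", login_parameterized(conn, user, pw))
```

With bound parameters the slide's input is compared as a literal user name and matches no row, and a legitimate name containing a quote logs in normally instead of breaking the statement.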

Top Threats Effect on Database Server

• Weak Audit Trail

"In God I trust. For everyone else, I keep log files."

Performance impacts

Determine what is important to be audited

Top Threats Effect on Database Server

Limited Resource

Which Mechanism Of Audit Trail I should Use

No End-To-End Auditing

Top Threats Effect on Database Server

Application

Top Threats Effect on Database Server

Page 6: Oracle database threats - LAOUC Webinar

Revising the Top 10 Data Loss Incidents list

Introduction

ldquoYour Personal Data is Worth Pretty Penny But it All Depends On Who Wants itrdquo TrendMicro Average for personal Data Between 0$-1200$

If you want to know how much your Personal Data Worth Check this Website httpwwwftcomcmss2927ca86e-d29b-11e2-88ed-00144feab7dehtmlaxzz2ukFAZIUF

Introduction

SURPRISE

bull In 2012 Report from Verizon Data Indicate that 96 of Records breached are from databasebull Less Than 5 of Security Spend on Data Center (WW Security Products )

Introduction

5

95

Data Center

Why Database Security Is Important

bull Database is the most important Data Banking bull Financial Databull ClientCustomer Databull Corporateorganization Data

bull If the database stop working the company will lose moneybull If the database is getting hacked imagine what happened to the

company

bull Ensure the data is confidential and prevent any outsourcing modificationbull Secure database provide an additional benefit which is data

management become more efficient and effectivebull Access to database should be only restricted to authorized people

only unless one thing itrsquos Public Databasebull Secure Database leads to monitor activity and knows

authorized people

Why Database Security Is Important

Laws about Security

bull SOX Sarbanes Oxleybull ldquoprotect investors by improving reliability of corporaterdquo

bull PCI Payment Card industry bull Related to Credit card companies such as Visa Master card

bull GLBA Gramm Leach Bliley Act bull companies that offer consumers financial products or services like loans

bull DATA Data Accountability and Trust Actbull security policies and procedures to protect data containing personal

information

How Database are Hacked

How Database are Hacked

bull As Database Administrator you need to know Threats that can effect on your databasebull Definition of threats context of computer security refers to anything

that has the potential to cause serious harm to a computer system A threat is something that may or may not happen but has the potential to cause serious damage Threats can lead to attacks on computer systems networks and morebull Vulnerability Existence of a weakness design or implementation error

that Existence of a weakness design or implementation error that can lead to an unexpected and undesirable event compromising the security of the system

Elements Of Security

bull Confidentiality bull The concealment of information or resources

bull Authenticitybull The identification and assurance of the origin of information

bull Integritybull The trustworthiness of data or resources in terms of preventing improper and

unauthorized changes

bull Availabilitybull The ability to use the desired information or resource

Triangle of Security

Decide Before Moving The Ball

What The Hacker Do bull Gather Information

bull Active Directly Such as social engineeringbull Passive Google search Social media

bull Scanning bull use some tools for scan vulnerabilities of the system

bull Gaining Accessbull Penetration Phase continue attacking to explore deeper into the target network

bull Maintaining Accessbull Downloading Phase

bull Clearing Tracks

ldquoThe more the hacker learns about your internal operations means the more likely he will be intrude and exploit So be Securerdquo

Attack Oracle-Database Server

bull Database servers are usually hacked to get the critical informationbull Mistakes made by the web designers can reveal the databases of the

server to the hacker

bull Finding an Oracle database server on network is done using TCP port scanbull Once Oracle Database Server has been discovered First Port of call is

TNS Listener

Top Threats Effect on Database Server

bull Unused Privileges-bull When user are Granted Database access Privileges that exceed requirement

of their job these Privileges can lead to major issue if the user was know what he is doing

bull REVOKE CREATE DATABASE LINK FROM connectbull REVOKE EXECUTE ON utl_tcp FROM publicbull REVOKE EXECUTE ON utl_smtp FROM publicbull REVOKE EXECUTE ON utl_http FROM publicbull REVOKE EXECUTE ON utl_mail FROM publicbull REVOKE EXECUTE ON utl_inaddr FROM publicbull REVOKE EXECUTE ON utl_file FROM publicbull REVOKE EXECUTE ON dbms_java FROm public

Top Threats Effect on Database Server

bull httpsupportoraclecom

bull Review database user privilegesbull Note 10202866 - Script to Create View to Show All User Privs

Note 10502676 - SCRIPT Script to show table privileges for users and rolesNote 10201766 - SCRIPT Script to Generate object privilege GRANTS

bull Revoke privileges from PUBLIC where not necessarybull Note 2470931 - Be Cautious When Revoking Privileges Granted to PUBLIC

Note 2345511 - PUBLIC Is it a User a Role a User Group a Privilege Note 3902251 - Execute Privileges Are Reset For Public After Applying Patchset

bull Weak Authenticationbull Most common Default Password for Database

Username Password

Sys Manager

Sys System

Sys Oracle

System Same as sys

Apps Apps ( EBS User )

scott tiger

Top Threats Effect on Database Server

Oracle Default Password List By Pete Finniganhttpwwwpetefinnigancomdefaultdefault_password_listhtm

Voyager Beta worm

bull On 20-december 2005 an anonymous poster (kwbbwifindnotcom ) posted an variant of the Oracle Voyager Wormbull Read more About this Worm bull httpwwwred-database-securitycomadvisoryoracle_worm_voyagerhtml

bull attacks Oracle servers using default accounts and passwordbull It attempts a TCP connection to TCP Port 1521 Where oracle

connection Service listensbull If Ok Then Tries Series of Username and passwordbull Systemmanager syschange_on_install dbsnmpdbsnmp scotttiger

bull Authenticate Ok It will create table to transfer payload

bull Denial of service (DoS) -bull Common DoS techniques include buffer overflows data corruption network

flooding and resource consumptionbull It is an attack through which a person can render a system unusable or

significantly slow it down for system unusable or significantly slow it down for legitimate users by overloading its resources

bull Attackers maybull Attempt to flood a network thereby preventing legitimate network trafficbull Attempt to disrupt connections between two machines thereby Attempt to disrupt

connections between two machines thereby preventing access to a servicebull Attempt to prevent a particular individual from accessing a servicebull Attempt to disrupt service to a specific system or person

Top Threats Effect on Database Server

bull The Impact-bull Disabled networkbull Disabled organizationbull Financial lossbull Loss of goodwill

bull DoS Attack Classification-bull Smurf - Generates a large amount of ICMP echo (ping)bull Buffer Overflow Attack - The program writes more information into the bufferbull Ping of death - Send IP Packets larger than the 65536 Bytes bull Teardrop - IP Requires that packet that is too large for next Routerbull SYN Attack - Sends bogus TCP SYN requests to a victim server

Top Threats Effect on Database Server

bull Examples DoS Attack Tools -bull Jolt2bull Buboniccbull Land and LaTierrabull Targabull Blast20bull Nemesybull Panther2bull Crazy Pingerbull Some Troublebull UDP Floodbull FSMax

Top Threats Effect on Database Server

Top Threats Effect on Database Server

bull SQL Injectionbull type of security exploit in which the attacker injects Structured Query

Language (SQL) code through a web form input box to gain Structured Query Language (SQL) code through a web form input box to gain access to resources or make changes to databull Programmer use sequential commands with user inputs making it easier for

attackers to inject commandsbull Attacker can do SQL Commands through web applicationbull For Example when a user logs onto a web page by using a user name and

password for validation a SQL query is user name and password for validation a SQL query is usedbull What I Need Any Web Browser

bull What Should I look For in SQL Injection bull HTML method

bull POST you cannot see any parameters in browserbull GET

bull Check HTML Source CodeltForm action=searchasp method=postgt ltinput type=hidden name=X value=ZgtltFormgt

bull Examples bull http wwwmywebsitecom indexaspid=10

Top Threats Effect on Database Server

Top Threats Effect on Database Server

If you get this error then the website is vulnerable to an SQL injection attack

Top Threats Effect on Database Server

bull But Wait How Can I Test SQL Injection bull Different Way Different Toolsbull Easy Way to use Single Quote in the input

bull Examples bull bull blahrsquo or 1=1mdashbull Loginblahrsquo or 1=1mdashbull bull Passwordblahrsquo or 1=1mdash

http wwwmywebsitecom indexaspid=10

Will be like thishttp wwwmywebsitecomindexaspid=blahrsquo or 1=1--

bull Another examples for single quote usage in SQL Injection bull lsquo or 1=1mdashbull ldquo or 1=1mdashbull lsquo or lsquoarsquo=lsquoabull ldquo or ldquoardquo=ldquoabull lsquo) or (lsquoarsquo=lsquoa)

bull The hacker breaks into the system by injecting malformed SQL into the query because the executed query is formed by the concatenation of a fixed string and values entered by the userbull string strQry = SELECT Count() FROM Users WHERE UserName= + txtUserText + AND

Password= + txtPasswordText +

Top Threats Effect on Database Server

Top Threats Effect on Database Server

bull If the user enter valid username and password the query strQry will be changedLike this SELECT Count() FROM Users WHERE UserName=Paul AND Password=passwordlsquo

bull But The Hacker will not leave weak code Alone and he will enter - Or 1=1 ndash

bull The New Query Will be SELECT Count() FROM Users WHERE UserName= Or 1=1 -- AND Password=

bull 1=1 is always true for every row in the table so assuming there is at least one row in the table this SQL always return nonzero count of records

Top Threats Effect on Database Server

bull Weak Audit Trail

In God I trust For everyone else I keep log files

Performance impacts

Determine what is important to be audited

Top Threats Effect on Database Server

Limited Resource

Which Mechanism Of Audit Trail I should Use

No End-To-End Auditing

Top Threats Effect on Database Server

Application

Top Threats Effect on Database Server

bull Whether database auditing is enabled or disabled Oracle will always audit certain database actions into the OS audit trail There is no way to change this behavior because it is a formal requirement of the security evaluation criteria

Documents Every DBA Should Read

bull NOTE1743401 - Audit SYS User Operations (How to Audit SYSDBA)bull NOTE5532251 - How To Set the AUDIT_SYSLOG_LEVEL Parameter bull NOTE12990331- Master Note For Oracle Database Auditingbull Note 1743401 - Audit SYS User Operationsbull note 11713141 HugeLargeExcessive Number Of Audit Records Are Being Generated In The

Databasebull Note 15097231 - Oracle Database Auditing Performance

Top Threats Effect on Database Server

bull Malwarebull is software designed to infiltrate or damage a computer system without the

owners informed consent The expression is a general term used by computer professionals to mean a variety of forms of hostile intrusive or annoying software or program code

Report From Verizon Data-ldquo69 breaches incorporated malwarerdquo

httpwwwwiredcomimages_blogsthreatlevel201203Verizon-Data-Breach-Report-2012pdf

Top Threats Effect on Database Server

bull Malware includes computer viruses worms trojan horses spyware adware most rootkits and other malicious programs In law malware is sometimes known as a computer contaminant in various legal codes

Top Threats Effect on Database Server

Most Common Ports

Windows: netstat -an | findstr <port number>
Linux: netstat -an | grep <port number>

Name             Protocol  Ports
Back Orifice     UDP       31337 or 31338
Deep Throat      UDP       2140 and 3150
Net Bus          TCP       12345 and 12346
Whack-a-mole     TCP       12361 and 12362
Net Bus 2 Pro    TCP       20034
Girlfriend       TCP       21544
Master Paradise  TCP       3129, 40421, 40422, 40423 and 40426
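Instead of grepping one port at a time, the whole table can be checked against a single `netstat -an` capture. The script below is an added example, not part of the presentation: it parses both the Linux and the Windows output layout and reports listening sockets on the ports listed above. The sample capture is constructed.

```python
# Port table as given on the slide: name -> (protocol, ports).
SLIDE_PORTS = {
    "Back Orifice": ("udp", {31337, 31338}),
    "Deep Throat": ("udp", {2140, 3150}),
    "Net Bus": ("tcp", {12345, 12346}),
    "Whack-a-mole": ("tcp", {12361, 12362}),
    "Net Bus 2 Pro": ("tcp", {20034}),
    "Girlfriend": ("tcp", {21544}),
    "Master Paradise": ("tcp", {3129, 40421, 40422, 40423, 40426}),
}

# Constructed sample: Linux-style lines followed by Windows-style lines.
SAMPLE_NETSTAT = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:1521            0.0.0.0:*               LISTEN
tcp        0      0 10.0.0.5:12345          10.0.0.9:1521           ESTABLISHED
tcp6       0      0 :::12346                :::*                    LISTEN
udp        0      0 0.0.0.0:31337           0.0.0.0:*
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:20034          0.0.0.0:0              LISTENING
  UDP    0.0.0.0:2140           *:*
"""


def parse_sockets(netstat_text):
    """Yield (proto, local_port, state) for each socket line of `netstat -an`."""
    for line in netstat_text.splitlines():
        fields = line.split()
        if not fields or not fields[0].lower().startswith(("tcp", "udp")):
            continue  # header or blank line
        proto = fields[0].lower()[:3]  # tcp6/udp6 fold into tcp/udp
        # Linux:   Proto Recv-Q Send-Q Local Foreign [State]
        # Windows: Proto Local Foreign [State]
        local_idx = 3 if len(fields) > 3 and fields[1].isdigit() else 1
        if len(fields) <= local_idx:
            continue
        port_text = fields[local_idx].rsplit(":", 1)[-1]
        if not port_text.isdigit():
            continue
        state_idx = local_idx + 2
        state = fields[state_idx].upper() if len(fields) > state_idx else ""
        yield proto, int(port_text), state


def find_suspect_listeners(netstat_text):
    """Return sorted (name, proto, port) for listeners on the slide's ports."""
    hits = set()
    for proto, port, state in parse_sockets(netstat_text):
        # TCP: only listening sockets count, so an outbound connection that
        # happens to use one of these numbers as its local port is ignored.
        # UDP has no listen state, so every bound socket is considered.
        if proto == "tcp" and state not in ("LISTEN", "LISTENING"):
            continue
        for name, (table_proto, ports) in SLIDE_PORTS.items():
            if proto == table_proto and port in ports:
                hits.add((name, proto, port))
    return sorted(hits)


if __name__ == "__main__":
    for name, proto, port in find_suspect_listeners(SAMPLE_NETSTAT):
        print(f"{proto}/{port} is listening: port listed for {name}")
```

A match is a lead to investigate rather than proof of infection: any program can bind these port numbers, and malware can be configured to use others.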

• Storage/Backup Media Exposure
  • When data is saved to tape, you want to be confident that the data will be accessible decades from now, as well as tomorrow.
  • Backup database storage media is often completely unprotected from attack. As a result, several high-profile security breaches have involved theft of database backup tapes and hard disks.
  • Always remember: company data means money to another person.

• Unpatched Database
  • Oracle provides something called Critical Patch Updates.
  • Critical Patch Updates are collections of security fixes for Oracle products.
  • They are released on the Tuesday closest to the 17th day of January, April, July and October. The next four dates are:
    • 17th day of January
    • 15 April 2014
    • 15 July 2014
    • 14 October 2014
    • 20 January 2015

http://www.oracle.com/technetwork/topics/security/alerts-086861.html

• Another thing that should be followed and monitored is Security Alerts
  • Oracle will issue Security Alerts for vulnerability fixes deemed too critical to wait for distribution in the next Critical Patch Update.

• Unsecured Sensitive Data
  • Who has access to company data?
  • Does the company meet the requirements?
  • What will make the hacker rich?
  • What could damage the reputation of the organization?

• Limited Education/Trained End Users
  • Humans are the weakest link in information security.
  • The errors committed by the human elements of an organization remain a major contributor to data loss incidents worldwide.

• What do we want to accomplish by making users aware of security?
  • Encourage safe usage habits and discourage unsafe behavior
  • Change user perceptions of information security
  • Inform users about how to recognize and react to potential threats
  • Educate users about information security techniques they can use

• Challenges
  • Delivering a desired message to the end user
  • Motivating users to take a personal interest in information security
  • Giving end-user security awareness a higher priority within organizations
  • No budget in the company for security awareness

How to Secure Database

• What should I do to secure the database?
  • Set a good password policy
    • No password reuse
    • Strong passwords
  • Keep up to date with security patches
  • Check firewall level
    • Trusted connections only
    • Block unused ports
  • Encryption
    • Network level
      • SSL
    • File level, such as backups
    • Database level, such as sensitive data
  • Monitor the database
    • Periodically check for users with database administration privileges
  • Audit your web applications
    • Misconfigurations
  • Log as much as possible
    • Failed logins
    • Permission errors
  • Your data is your money; protect it
  • Train IT staff on database security
  • Always ask for professional services

Thanks For LAOUC

OsamaOracle

osamamustafagurussolutionscom

http://osamamustafa.blogspot.com

Osama Mustafa




SURPRISE

bull In 2012 Report from Verizon Data Indicate that 96 of Records breached are from databasebull Less Than 5 of Security Spend on Data Center (WW Security Products )

Introduction

5

95

Data Center

Why Database Security Is Important

bull Database is the most important Data Banking bull Financial Databull ClientCustomer Databull Corporateorganization Data

bull If the database stop working the company will lose moneybull If the database is getting hacked imagine what happened to the

company

bull Ensure the data is confidential and prevent any outsourcing modificationbull Secure database provide an additional benefit which is data

management become more efficient and effectivebull Access to database should be only restricted to authorized people

only unless one thing itrsquos Public Databasebull Secure Database leads to monitor activity and knows

authorized people

Why Database Security Is Important

Laws about Security

bull SOX Sarbanes Oxleybull ldquoprotect investors by improving reliability of corporaterdquo

bull PCI Payment Card industry bull Related to Credit card companies such as Visa Master card

bull GLBA Gramm Leach Bliley Act bull companies that offer consumers financial products or services like loans

bull DATA Data Accountability and Trust Actbull security policies and procedures to protect data containing personal

information

How Database are Hacked

How Database are Hacked

bull As Database Administrator you need to know Threats that can effect on your databasebull Definition of threats context of computer security refers to anything

that has the potential to cause serious harm to a computer system A threat is something that may or may not happen but has the potential to cause serious damage Threats can lead to attacks on computer systems networks and morebull Vulnerability Existence of a weakness design or implementation error

that Existence of a weakness design or implementation error that can lead to an unexpected and undesirable event compromising the security of the system

Elements Of Security

bull Confidentiality bull The concealment of information or resources

bull Authenticitybull The identification and assurance of the origin of information

bull Integritybull The trustworthiness of data or resources in terms of preventing improper and

unauthorized changes

bull Availabilitybull The ability to use the desired information or resource

Triangle of Security

Decide Before Moving The Ball

What The Hacker Do bull Gather Information

bull Active Directly Such as social engineeringbull Passive Google search Social media

bull Scanning bull use some tools for scan vulnerabilities of the system

bull Gaining Accessbull Penetration Phase continue attacking to explore deeper into the target network

bull Maintaining Accessbull Downloading Phase

bull Clearing Tracks

ldquoThe more the hacker learns about your internal operations means the more likely he will be intrude and exploit So be Securerdquo

Attack Oracle-Database Server

bull Database servers are usually hacked to get the critical informationbull Mistakes made by the web designers can reveal the databases of the

server to the hacker

bull Finding an Oracle database server on network is done using TCP port scanbull Once Oracle Database Server has been discovered First Port of call is

TNS Listener

Top Threats Effect on Database Server

bull Unused Privileges-bull When user are Granted Database access Privileges that exceed requirement

of their job these Privileges can lead to major issue if the user was know what he is doing

bull REVOKE CREATE DATABASE LINK FROM connectbull REVOKE EXECUTE ON utl_tcp FROM publicbull REVOKE EXECUTE ON utl_smtp FROM publicbull REVOKE EXECUTE ON utl_http FROM publicbull REVOKE EXECUTE ON utl_mail FROM publicbull REVOKE EXECUTE ON utl_inaddr FROM publicbull REVOKE EXECUTE ON utl_file FROM publicbull REVOKE EXECUTE ON dbms_java FROm public

Top Threats Effect on Database Server

bull httpsupportoraclecom

bull Review database user privilegesbull Note 10202866 - Script to Create View to Show All User Privs

Note 10502676 - SCRIPT Script to show table privileges for users and rolesNote 10201766 - SCRIPT Script to Generate object privilege GRANTS

bull Revoke privileges from PUBLIC where not necessarybull Note 2470931 - Be Cautious When Revoking Privileges Granted to PUBLIC

Note 2345511 - PUBLIC Is it a User a Role a User Group a Privilege Note 3902251 - Execute Privileges Are Reset For Public After Applying Patchset

bull Weak Authenticationbull Most common Default Password for Database

Username Password

Sys Manager

Sys System

Sys Oracle

System Same as sys

Apps Apps ( EBS User )

scott tiger

Top Threats Effect on Database Server

Oracle Default Password List By Pete Finniganhttpwwwpetefinnigancomdefaultdefault_password_listhtm

Voyager Beta worm

bull On 20-december 2005 an anonymous poster (kwbbwifindnotcom ) posted an variant of the Oracle Voyager Wormbull Read more About this Worm bull httpwwwred-database-securitycomadvisoryoracle_worm_voyagerhtml

bull attacks Oracle servers using default accounts and passwordbull It attempts a TCP connection to TCP Port 1521 Where oracle

connection Service listensbull If Ok Then Tries Series of Username and passwordbull Systemmanager syschange_on_install dbsnmpdbsnmp scotttiger

bull Authenticate Ok It will create table to transfer payload

bull Denial of service (DoS) -bull Common DoS techniques include buffer overflows data corruption network

flooding and resource consumptionbull It is an attack through which a person can render a system unusable or

significantly slow it down for system unusable or significantly slow it down for legitimate users by overloading its resources

bull Attackers maybull Attempt to flood a network thereby preventing legitimate network trafficbull Attempt to disrupt connections between two machines thereby Attempt to disrupt

connections between two machines thereby preventing access to a servicebull Attempt to prevent a particular individual from accessing a servicebull Attempt to disrupt service to a specific system or person

Top Threats Effect on Database Server

bull The Impact-bull Disabled networkbull Disabled organizationbull Financial lossbull Loss of goodwill

bull DoS Attack Classification-bull Smurf - Generates a large amount of ICMP echo (ping)bull Buffer Overflow Attack - The program writes more information into the bufferbull Ping of death - Send IP Packets larger than the 65536 Bytes bull Teardrop - IP Requires that packet that is too large for next Routerbull SYN Attack - Sends bogus TCP SYN requests to a victim server

Top Threats Effect on Database Server

bull Examples DoS Attack Tools -bull Jolt2bull Buboniccbull Land and LaTierrabull Targabull Blast20bull Nemesybull Panther2bull Crazy Pingerbull Some Troublebull UDP Floodbull FSMax

Top Threats Effect on Database Server

Top Threats Effect on Database Server

bull SQL Injectionbull type of security exploit in which the attacker injects Structured Query

Language (SQL) code through a web form input box to gain Structured Query Language (SQL) code through a web form input box to gain access to resources or make changes to databull Programmer use sequential commands with user inputs making it easier for

attackers to inject commandsbull Attacker can do SQL Commands through web applicationbull For Example when a user logs onto a web page by using a user name and

password for validation a SQL query is user name and password for validation a SQL query is usedbull What I Need Any Web Browser

bull What Should I look For in SQL Injection bull HTML method

bull POST you cannot see any parameters in browserbull GET

bull Check HTML Source CodeltForm action=searchasp method=postgt ltinput type=hidden name=X value=ZgtltFormgt

bull Examples bull http wwwmywebsitecom indexaspid=10

Top Threats Effect on Database Server

Top Threats Effect on Database Server

If you get this error then the website is vulnerable to an SQL injection attack

Top Threats Effect on Database Server

bull But Wait How Can I Test SQL Injection bull Different Way Different Toolsbull Easy Way to use Single Quote in the input

bull Examples bull bull blahrsquo or 1=1mdashbull Loginblahrsquo or 1=1mdashbull bull Passwordblahrsquo or 1=1mdash

http wwwmywebsitecom indexaspid=10

Will be like thishttp wwwmywebsitecomindexaspid=blahrsquo or 1=1--

bull Another examples for single quote usage in SQL Injection bull lsquo or 1=1mdashbull ldquo or 1=1mdashbull lsquo or lsquoarsquo=lsquoabull ldquo or ldquoardquo=ldquoabull lsquo) or (lsquoarsquo=lsquoa)

bull The hacker breaks into the system by injecting malformed SQL into the query because the executed query is formed by the concatenation of a fixed string and values entered by the userbull string strQry = SELECT Count() FROM Users WHERE UserName= + txtUserText + AND

Password= + txtPasswordText +

Top Threats Effect on Database Server

Top Threats Effect on Database Server

bull If the user enter valid username and password the query strQry will be changedLike this SELECT Count() FROM Users WHERE UserName=Paul AND Password=passwordlsquo

bull But The Hacker will not leave weak code Alone and he will enter - Or 1=1 ndash

bull The New Query Will be SELECT Count() FROM Users WHERE UserName= Or 1=1 -- AND Password=

bull 1=1 is always true for every row in the table so assuming there is at least one row in the table this SQL always return nonzero count of records

Top Threats Effect on Database Server

bull Weak Audit Trail

In God I trust For everyone else I keep log files

Performance impacts

Determine what is important to be audited

Top Threats Effect on Database Server

Limited Resource

Which Mechanism Of Audit Trail I should Use

No End-To-End Auditing

Top Threats Effect on Database Server

Application

Top Threats Effect on Database Server

bull Whether database auditing is enabled or disabled Oracle will always audit certain database actions into the OS audit trail There is no way to change this behavior because it is a formal requirement of the security evaluation criteria

Documents Every DBA Should Read

bull NOTE1743401 - Audit SYS User Operations (How to Audit SYSDBA)bull NOTE5532251 - How To Set the AUDIT_SYSLOG_LEVEL Parameter bull NOTE12990331- Master Note For Oracle Database Auditingbull Note 1743401 - Audit SYS User Operationsbull note 11713141 HugeLargeExcessive Number Of Audit Records Are Being Generated In The

Databasebull Note 15097231 - Oracle Database Auditing Performance

Top Threats Effect on Database Server

bull Malwarebull is software designed to infiltrate or damage a computer system without the

owners informed consent The expression is a general term used by computer professionals to mean a variety of forms of hostile intrusive or annoying software or program code

Report From Verizon Data-ldquo69 breaches incorporated malwarerdquo

httpwwwwiredcomimages_blogsthreatlevel201203Verizon-Data-Breach-Report-2012pdf

Top Threats Effect on Database Server

bull Malware includes computer viruses worms trojan horses spyware adware most rootkits and other malicious programs In law malware is sometimes known as a computer contaminant in various legal codes

Top Threats Effect on Database Server

Most Common Ports

Windows: netstat -an | findstr <port number>
Linux: netstat -an | grep <port number>

Name             Protocol  Ports
Back Office      UDP       31337 or 31338
Deep Throat      UDP       2140 and 3150
Net Bus          TCP       12345 and 12346
Whack-a-mole     TCP       12361 and 12362
Net Bus 2 Pro    TCP       20034
Girlfriend       TCP       21544
Master Paradise  TCP       3129, 40421, 40422, 40423 and 40426
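The port check above, automated as an added example (not part of the original slides): it parses `netstat -an` output in either the Linux or Windows layout and reports sockets bound to the ports in the table. The function name and both sample outputs are constructed for illustration.

```python
import re

# (protocol, port) -> name, copied from the table on the slide.
SUSPECT_PORTS = {}
for name, proto, ports in [
    ("Back Office", "udp", (31337, 31338)),
    ("Deep Throat", "udp", (2140, 3150)),
    ("Net Bus", "tcp", (12345, 12346)),
    ("Whack-a-mole", "tcp", (12361, 12362)),
    ("Net Bus 2 Pro", "tcp", (20034,)),
    ("Girlfriend", "tcp", (21544,)),
    ("Master Paradise", "tcp", (3129, 40421, 40422, 40423, 40426)),
]:
    for port in ports:
        SUSPECT_PORTS[(proto, port)] = name

# The local address is the first field that ends in ":<digits>".
_LOCAL = re.compile(r":(\d+)$")


def find_suspect_listeners(netstat_output):
    """Return (protocol, port, name) for each socket bound to a listed port.

    TCP sockets count only in a LISTEN/LISTENING state, so an outbound
    connection that happens to use one of these numbers as its ephemeral
    source port is ignored. UDP has no state, so any bound socket counts.
    A hit is a lead to investigate: any program can bind these ports.
    """
    hits = []
    for line in netstat_output.splitlines():
        fields = line.split()
        if len(fields) < 2:
            continue
        proto = fields[0].lower().rstrip("46")   # tcp6 -> tcp, udp6 -> udp
        if proto not in ("tcp", "udp"):
            continue                             # headers, unix sockets
        match = next((m for m in map(_LOCAL.search, fields[1:]) if m), None)
        if match is None:
            continue
        if proto == "tcp" and not fields[-1].upper().startswith("LISTEN"):
            continue
        port = int(match.group(1))
        name = SUSPECT_PORTS.get((proto, port))
        if name:
            hits.append((proto, port, name))
    return hits


# Constructed sample output (Linux layout).
SAMPLE_LINUX = """\
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:1521            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:12345           0.0.0.0:*               LISTEN
tcp        0      0 10.0.0.5:40421          10.0.0.9:1521           ESTABLISHED
udp        0      0 0.0.0.0:31337           0.0.0.0:*
tcp6       0      0 :::22                   :::*                    LISTEN
"""

# Constructed sample output (Windows layout).
SAMPLE_WINDOWS = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:1521           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:20034          0.0.0.0:0              LISTENING
  UDP    0.0.0.0:2140           *:*
"""

if __name__ == "__main__":
    for label, sample in (("linux", SAMPLE_LINUX), ("windows", SAMPLE_WINDOWS)):
        for proto, port, name in find_suspect_listeners(sample):
            print(f"{label}: {proto}/{port} matches table entry '{name}'")
```

The Oracle listener on 1521 and the established client connection from source port 40421 are both ignored; only bound sockets on listed ports are reported.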

Top Threats Effect on Database Server

• Storage/Backup Media Exposure

• When data is saved to tape, you want to be confident that data will be accessible decades from now, as well as tomorrow.

• Backup database storage media is often completely unprotected from attack. As a result, several high-profile security breaches have involved theft of database backup tapes and hard disks.

• Always remember: company data means money to another person.

Top Threats Effect on Database Server

• Unpatched Database
  • Oracle provides something called Critical Patch Updates
  • Critical Patch Updates are collections of security fixes for Oracle products

• They are released on the Tuesday closest to the 17th day of January, April, July and October. The next four dates are:
  • 17th day of January
  • 15 April 2014
  • 15 July 2014
  • 14 October 2014
  • 20 January 2015

http://www.oracle.com/technetwork/topics/security/alerts-086861.html

Top Threats Effect on Database Server

• Another thing that should be followed and monitored is:
  • Security Alerts

• Oracle will issue Security Alerts for vulnerability fixes deemed too critical to wait for distribution in the next Critical Patch Update.

Top Threats Effect on Database Server

• Unsecure Sensitive Data

• Who has access to company data?

• Does the company meet requirements?

• What will make the hacker rich?

• What could damage the reputation of the organization?

Top Threats Effect on Database Server

• Limited Education/Trained End Users

• Humans are the weakest link in information security
• The errors committed by the human elements of an organization remain a major contributor to data loss incidents worldwide

• What do we want to accomplish by making users aware of security?

  • Encourage safe usage habits and discourage unsafe behavior
  • Change user perceptions of information security
  • Inform users about how to recognize and react to potential threats
  • Educate users about information security techniques they can use

Top Threats Effect on Database Server

• Challenges
  • Delivering a desired message to the end user
  • Motivating users to take a personal interest in information security
  • Giving end-user security awareness a higher priority within organizations
  • No budget in the company for security awareness

How to Secure Database

• What should I do to secure the database?
  • Set a good password policy
    • No password reuse
    • Strong passwords
  • Keep up to date with security patches
  • Check firewall level
    • Trusted connections only
    • Block unused ports
  • Encryption
    • Network level
      • SSL
    • File level, such as backups
    • Database, such as sensitive data
  • Monitor database
  • Periodically check for users with database administration privileges

How to Secure Database

• Audit your web applications
  • Misconfigurations
• Log as much as possible
  • Failed logins
  • Permissions errors
• Your data is your money; protect it
• Train IT staff on database security
• Always ask for professional services

Thanks For LAOUC

OsamaOracle

osamamustafagurussolutionscom

http://osamamustafa.blogspot.com

Osama Mustafa

Page 9: Oracle database threats - LAOUC Webinar

Introduction

• In 2012, a report from Verizon Data indicated that 96% of records breached are from databases
• Less than 5% of security spend is on the data center (WW Security Products)

[Chart: Data Center, 5% / 95%]

Why Database Security Is Important

• Database is the most important data bank
  • Financial data
  • Client/customer data
  • Corporate/organization data

• If the database stops working, the company will lose money
• If the database gets hacked, imagine what happens to the company

Why Database Security Is Important

• Ensure the data is confidential and prevent any outsourcing modification
• A secure database provides an additional benefit: data management becomes more efficient and effective
• Access to the database should be restricted to authorized people only, unless it is a public database
• A secure database lets you monitor activity and know the authorized people

Laws about Security

• SOX: Sarbanes-Oxley
  • "protect investors by improving reliability of corporate"

• PCI: Payment Card Industry
  • Related to credit card companies such as Visa, MasterCard

• GLBA: Gramm-Leach-Bliley Act
  • Companies that offer consumers financial products or services like loans

• DATA: Data Accountability and Trust Act
  • Security policies and procedures to protect data containing personal information

How Database are Hacked

• As a database administrator, you need to know the threats that can affect your database
• Definition of threat: in the context of computer security, refers to anything that has the potential to cause serious harm to a computer system. A threat is something that may or may not happen, but has the potential to cause serious damage. Threats can lead to attacks on computer systems, networks and more.
• Vulnerability: existence of a weakness, design, or implementation error that can lead to an unexpected and undesirable event compromising the security of the system

Elements Of Security

• Confidentiality
  • The concealment of information or resources

• Authenticity
  • The identification and assurance of the origin of information

• Integrity
  • The trustworthiness of data or resources in terms of preventing improper and unauthorized changes

• Availability
  • The ability to use the desired information or resource

Triangle of Security

Decide Before Moving The Ball

What The Hacker Do

• Gather Information
  • Active: directly, such as social engineering
  • Passive: Google search, social media

• Scanning
  • Use some tools to scan for vulnerabilities of the system

• Gaining Access
  • Penetration phase: continue attacking to explore deeper into the target network

• Maintaining Access
  • Downloading phase

• Clearing Tracks

"The more the hacker learns about your internal operations, the more likely he will intrude and exploit. So be secure."

Attack Oracle-Database Server

• Database servers are usually hacked to get the critical information
• Mistakes made by the web designers can reveal the databases of the server to the hacker

• Finding an Oracle database server on a network is done using a TCP port scan
• Once an Oracle database server has been discovered, the first port of call is the TNS Listener

Top Threats Effect on Database Server

• Unused Privileges
  • When users are granted database access privileges that exceed the requirements of their job, these privileges can lead to a major issue if the user knows what he is doing

  • REVOKE CREATE DATABASE LINK FROM connect
  • REVOKE EXECUTE ON utl_tcp FROM public
  • REVOKE EXECUTE ON utl_smtp FROM public
  • REVOKE EXECUTE ON utl_http FROM public
  • REVOKE EXECUTE ON utl_mail FROM public
  • REVOKE EXECUTE ON utl_inaddr FROM public
  • REVOKE EXECUTE ON utl_file FROM public
  • REVOKE EXECUTE ON dbms_java FROM public

Top Threats Effect on Database Server

• http://support.oracle.com

• Review database user privileges
  • Note 1020286.6 - Script to Create View to Show All User Privs
  • Note 1050267.6 - SCRIPT: Script to show table privileges for users and roles
  • Note 1020176.6 - SCRIPT: Script to Generate object privilege GRANTS

• Revoke privileges from PUBLIC where not necessary
  • Note 247093.1 - Be Cautious When Revoking Privileges Granted to PUBLIC
  • Note 234551.1 - PUBLIC: Is it a User, a Role, a User Group, a Privilege?
  • Note 390225.1 - Execute Privileges Are Reset For Public After Applying Patchset

Top Threats Effect on Database Server

• Weak Authentication
  • Most common default passwords for the database

Username  Password
Sys       Manager
Sys       System
Sys       Oracle
System    Same as sys
Apps      Apps (EBS user)
scott     tiger

Oracle Default Password List by Pete Finnigan: http://www.petefinnigan.com/default/default_password_list.htm

Voyager Beta worm

• On 20 December 2005, an anonymous poster (kwbbwi@findnot.com) posted a variant of the Oracle Voyager worm
• Read more about this worm:
  • http://www.red-database-security.com/advisory/oracle_worm_voyager.html

• It attacks Oracle servers using default accounts and passwords
• It attempts a TCP connection to TCP port 1521, where the Oracle connection service listens
• If OK, it then tries a series of usernames and passwords
  • system/manager, sys/change_on_install, dbsnmp/dbsnmp, scott/tiger

• If authentication is OK, it will create a table to transfer the payload

• Denial of service (DoS)
  • Common DoS techniques include buffer overflows, data corruption, network flooding, and resource consumption
  • It is an attack through which a person can render a system unusable, or significantly slow it down for legitimate users, by overloading its resources

• Attackers may:
  • Attempt to flood a network, thereby preventing legitimate network traffic
  • Attempt to disrupt connections between two machines, thereby preventing access to a service
  • Attempt to prevent a particular individual from accessing a service
  • Attempt to disrupt service to a specific system or person

Top Threats Effect on Database Server

• The Impact
  • Disabled network
  • Disabled organization
  • Financial loss
  • Loss of goodwill

• DoS Attack Classification
  • Smurf - Generates a large amount of ICMP echo (ping)
  • Buffer Overflow Attack - The program writes more information into the buffer
  • Ping of death - Send IP packets larger than the 65536 bytes
  • Teardrop - IP Requires that packet that is too large for next Router
  • SYN Attack - Sends bogus TCP SYN requests to a victim server

Top Threats Effect on Database Server

• Examples of DoS Attack Tools
  • Jolt2
  • Bubonic.c
  • Land and LaTierra
  • Targa
  • Blast20
  • Nemesy
  • Panther2
  • Crazy Pinger
  • Some Trouble
  • UDP Flood
  • FSMax

Top Threats Effect on Database Server

• SQL Injection
  • A type of security exploit in which the attacker injects Structured Query Language (SQL) code through a web form input box to gain access to resources or make changes to data
  • Programmers use sequential commands with user inputs, making it easier for attackers to inject commands
  • The attacker can run SQL commands through the web application
  • For example, when a user logs onto a web page by using a user name and password for validation, a SQL query is used
  • What do I need? Any web browser

• What should I look for in SQL injection?
  • HTML method
    • POST: you cannot see any parameters in the browser
    • GET

  • Check the HTML source code
    <form action="search.asp" method="post"> <input type="hidden" name="X" value="Z"> </form>

• Examples
  • http://www.mywebsite.com/index.asp?id=10

Top Threats Effect on Database Server

If you get this error then the website is vulnerable to an SQL injection attack

Top Threats Effect on Database Server

• But wait, how can I test SQL injection?
  • Different ways, different tools
  • The easy way is to use a single quote in the input

• Examples
  • blah' or 1=1--
  • Login: blah' or 1=1--
  • Password: blah' or 1=1--

http://www.mywebsite.com/index.asp?id=10

Will be like this: http://www.mywebsite.com/index.asp?id=blah' or 1=1--

• Other examples of single quote usage in SQL injection
  • ' or 1=1--
  • " or 1=1--
  • ' or 'a'='a
  • " or "a"="a
  • ') or ('a'='a)

• The hacker breaks into the system by injecting malformed SQL into the query, because the executed query is formed by the concatenation of a fixed string and values entered by the user:

  string strQry = "SELECT Count(*) FROM Users WHERE UserName='" + txtUser.Text + "' AND Password='" + txtPassword.Text + "'";

Top Threats Effect on Database Server

• If the user enters a valid username and password, the query strQry will look like this: SELECT Count(*) FROM Users WHERE UserName='Paul' AND Password='password'

• But the hacker will not leave weak code alone, and he will enter: ' Or 1=1 --

• The new query will be: SELECT Count(*) FROM Users WHERE UserName='' Or 1=1 --' AND Password=''

• 1=1 is always true for every row in the table, so assuming there is at least one row in the table, this SQL always returns a nonzero count of records.
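The login query walked through above, as an added example (not code from the original slides): the concatenated query next to the same query using bind parameters. Python's built-in sqlite3 stands in for the Oracle back end so it runs offline; the function names and the single table row are constructed for illustration.

```python
import sqlite3


def make_db():
    """In-memory Users table with one constructed row (Paul / password).

    The password is stored in plaintext only to mirror the slide's query.
    """
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Users (UserName TEXT, Password TEXT)")
    conn.execute("INSERT INTO Users VALUES ('Paul', 'password')")
    return conn


def build_query_concat(user, password):
    """Build the query the way the slide's strQry does: by concatenation."""
    return ("SELECT Count(*) FROM Users WHERE UserName='" + user +
            "' AND Password='" + password + "'")


def login_concat(conn, user, password):
    """Vulnerable form: user input becomes part of the SQL text itself."""
    count = conn.execute(build_query_concat(user, password)).fetchone()[0]
    return count > 0


def login_bound(conn, user, password):
    """Hardened form: the SQL text is fixed and input is passed as bind values.

    The driver sends the values separately from the statement, so quotes and
    comment markers in the input are compared as data, never parsed as SQL.
    """
    sql = "SELECT Count(*) FROM Users WHERE UserName=? AND Password=?"
    count = conn.execute(sql, (user, password)).fetchone()[0]
    return count > 0


if __name__ == "__main__":
    conn = make_db()
    injected = "' Or 1=1 --"   # the input shown on the slide

    print("query built by concatenation:")
    print("  " + build_query_concat(injected, ""))
    print("concatenated, valid login :", login_concat(conn, "Paul", "password"))
    print("concatenated, wrong passwd:", login_concat(conn, "Paul", "wrong"))
    print("concatenated, injected    :", login_concat(conn, injected, ""))
    print("bound, valid login        :", login_bound(conn, "Paul", "password"))
    print("bound, injected           :", login_bound(conn, injected, ""))
```

With Oracle drivers the same fix applies using named or positional bind variables (for example `:username`) in place of the `?` markers used by sqlite3.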

Page 10: Oracle database threats - LAOUC Webinar

Why Database Security Is Important

bull Database is the most important Data Banking bull Financial Databull ClientCustomer Databull Corporateorganization Data

bull If the database stop working the company will lose moneybull If the database is getting hacked imagine what happened to the

company

bull Ensure the data is confidential and prevent any outsourcing modificationbull Secure database provide an additional benefit which is data

management become more efficient and effectivebull Access to database should be only restricted to authorized people

only unless one thing itrsquos Public Databasebull Secure Database leads to monitor activity and knows

authorized people

Why Database Security Is Important

Laws about Security

bull SOX Sarbanes Oxleybull ldquoprotect investors by improving reliability of corporaterdquo

bull PCI Payment Card industry bull Related to Credit card companies such as Visa Master card

bull GLBA Gramm Leach Bliley Act bull companies that offer consumers financial products or services like loans

bull DATA Data Accountability and Trust Actbull security policies and procedures to protect data containing personal

information

How Database are Hacked

How Database are Hacked

bull As Database Administrator you need to know Threats that can effect on your databasebull Definition of threats context of computer security refers to anything

that has the potential to cause serious harm to a computer system A threat is something that may or may not happen but has the potential to cause serious damage Threats can lead to attacks on computer systems networks and morebull Vulnerability Existence of a weakness design or implementation error

that Existence of a weakness design or implementation error that can lead to an unexpected and undesirable event compromising the security of the system

Elements Of Security

bull Confidentiality bull The concealment of information or resources

bull Authenticitybull The identification and assurance of the origin of information

bull Integritybull The trustworthiness of data or resources in terms of preventing improper and

unauthorized changes

bull Availabilitybull The ability to use the desired information or resource

Triangle of Security

Decide Before Moving The Ball

What The Hacker Do bull Gather Information

bull Active Directly Such as social engineeringbull Passive Google search Social media

bull Scanning bull use some tools for scan vulnerabilities of the system

bull Gaining Accessbull Penetration Phase continue attacking to explore deeper into the target network

bull Maintaining Accessbull Downloading Phase

bull Clearing Tracks

ldquoThe more the hacker learns about your internal operations means the more likely he will be intrude and exploit So be Securerdquo

Attack Oracle-Database Server

bull Database servers are usually hacked to get the critical informationbull Mistakes made by the web designers can reveal the databases of the

server to the hacker

bull Finding an Oracle database server on network is done using TCP port scanbull Once Oracle Database Server has been discovered First Port of call is

TNS Listener

Top Threats Effect on Database Server

bull Unused Privileges-bull When user are Granted Database access Privileges that exceed requirement

of their job these Privileges can lead to major issue if the user was know what he is doing

bull REVOKE CREATE DATABASE LINK FROM connectbull REVOKE EXECUTE ON utl_tcp FROM publicbull REVOKE EXECUTE ON utl_smtp FROM publicbull REVOKE EXECUTE ON utl_http FROM publicbull REVOKE EXECUTE ON utl_mail FROM publicbull REVOKE EXECUTE ON utl_inaddr FROM publicbull REVOKE EXECUTE ON utl_file FROM publicbull REVOKE EXECUTE ON dbms_java FROm public

Top Threats Effect on Database Server

bull httpsupportoraclecom

bull Review database user privilegesbull Note 10202866 - Script to Create View to Show All User Privs

Note 10502676 - SCRIPT Script to show table privileges for users and rolesNote 10201766 - SCRIPT Script to Generate object privilege GRANTS

bull Revoke privileges from PUBLIC where not necessarybull Note 2470931 - Be Cautious When Revoking Privileges Granted to PUBLIC

Note 2345511 - PUBLIC Is it a User a Role a User Group a Privilege Note 3902251 - Execute Privileges Are Reset For Public After Applying Patchset

bull Weak Authenticationbull Most common Default Password for Database

Username Password

Sys Manager

Sys System

Sys Oracle

System Same as sys

Apps Apps ( EBS User )

scott tiger

Top Threats Effect on Database Server

Oracle Default Password List By Pete Finniganhttpwwwpetefinnigancomdefaultdefault_password_listhtm

Voyager Beta worm

bull On 20-december 2005 an anonymous poster (kwbbwifindnotcom ) posted an variant of the Oracle Voyager Wormbull Read more About this Worm bull httpwwwred-database-securitycomadvisoryoracle_worm_voyagerhtml

bull attacks Oracle servers using default accounts and passwordbull It attempts a TCP connection to TCP Port 1521 Where oracle

connection Service listensbull If Ok Then Tries Series of Username and passwordbull Systemmanager syschange_on_install dbsnmpdbsnmp scotttiger

bull Authenticate Ok It will create table to transfer payload

bull Denial of service (DoS) -bull Common DoS techniques include buffer overflows data corruption network

flooding and resource consumptionbull It is an attack through which a person can render a system unusable or

significantly slow it down for system unusable or significantly slow it down for legitimate users by overloading its resources

bull Attackers maybull Attempt to flood a network thereby preventing legitimate network trafficbull Attempt to disrupt connections between two machines thereby Attempt to disrupt

connections between two machines thereby preventing access to a servicebull Attempt to prevent a particular individual from accessing a servicebull Attempt to disrupt service to a specific system or person

Top Threats Effect on Database Server

bull The Impact-bull Disabled networkbull Disabled organizationbull Financial lossbull Loss of goodwill

bull DoS Attack Classification-bull Smurf - Generates a large amount of ICMP echo (ping)bull Buffer Overflow Attack - The program writes more information into the bufferbull Ping of death - Send IP Packets larger than the 65536 Bytes bull Teardrop - IP Requires that packet that is too large for next Routerbull SYN Attack - Sends bogus TCP SYN requests to a victim server

Top Threats Effect on Database Server

bull Examples DoS Attack Tools -bull Jolt2bull Buboniccbull Land and LaTierrabull Targabull Blast20bull Nemesybull Panther2bull Crazy Pingerbull Some Troublebull UDP Floodbull FSMax

Top Threats Effect on Database Server

Top Threats Effect on Database Server

bull SQL Injectionbull type of security exploit in which the attacker injects Structured Query

Language (SQL) code through a web form input box to gain Structured Query Language (SQL) code through a web form input box to gain access to resources or make changes to databull Programmer use sequential commands with user inputs making it easier for

attackers to inject commandsbull Attacker can do SQL Commands through web applicationbull For Example when a user logs onto a web page by using a user name and

password for validation a SQL query is user name and password for validation a SQL query is usedbull What I Need Any Web Browser

bull What Should I look For in SQL Injection bull HTML method

bull POST you cannot see any parameters in browserbull GET

bull Check HTML Source CodeltForm action=searchasp method=postgt ltinput type=hidden name=X value=ZgtltFormgt

bull Examples bull http wwwmywebsitecom indexaspid=10

Top Threats Effect on Database Server

Top Threats Effect on Database Server

If you get this error then the website is vulnerable to an SQL injection attack

Top Threats Effect on Database Server

bull But Wait How Can I Test SQL Injection bull Different Way Different Toolsbull Easy Way to use Single Quote in the input

bull Examples bull bull blahrsquo or 1=1mdashbull Loginblahrsquo or 1=1mdashbull bull Passwordblahrsquo or 1=1mdash

http wwwmywebsitecom indexaspid=10

Will be like thishttp wwwmywebsitecomindexaspid=blahrsquo or 1=1--

bull Another examples for single quote usage in SQL Injection bull lsquo or 1=1mdashbull ldquo or 1=1mdashbull lsquo or lsquoarsquo=lsquoabull ldquo or ldquoardquo=ldquoabull lsquo) or (lsquoarsquo=lsquoa)

bull The hacker breaks into the system by injecting malformed SQL into the query because the executed query is formed by the concatenation of a fixed string and values entered by the userbull string strQry = SELECT Count() FROM Users WHERE UserName= + txtUserText + AND

Password= + txtPasswordText +

Top Threats Effect on Database Server

Top Threats Effect on Database Server

bull If the user enter valid username and password the query strQry will be changedLike this SELECT Count() FROM Users WHERE UserName=Paul AND Password=passwordlsquo

bull But The Hacker will not leave weak code Alone and he will enter - Or 1=1 ndash

bull The New Query Will be SELECT Count() FROM Users WHERE UserName= Or 1=1 -- AND Password=

bull 1=1 is always true for every row in the table so assuming there is at least one row in the table this SQL always return nonzero count of records

Top Threats Effect on Database Server

bull Weak Audit Trail

In God I trust For everyone else I keep log files

Performance impacts

Determine what is important to be audited

Top Threats Effect on Database Server

Limited Resource

Which Mechanism Of Audit Trail I should Use

No End-To-End Auditing

Top Threats Effect on Database Server

Application

Top Threats Effect on Database Server

bull Whether database auditing is enabled or disabled Oracle will always audit certain database actions into the OS audit trail There is no way to change this behavior because it is a formal requirement of the security evaluation criteria

Documents Every DBA Should Read

bull NOTE1743401 - Audit SYS User Operations (How to Audit SYSDBA)bull NOTE5532251 - How To Set the AUDIT_SYSLOG_LEVEL Parameter bull NOTE12990331- Master Note For Oracle Database Auditingbull Note 1743401 - Audit SYS User Operationsbull note 11713141 HugeLargeExcessive Number Of Audit Records Are Being Generated In The

Databasebull Note 15097231 - Oracle Database Auditing Performance

Top Threats Effect on Database Server

bull Malwarebull is software designed to infiltrate or damage a computer system without the

owners informed consent The expression is a general term used by computer professionals to mean a variety of forms of hostile intrusive or annoying software or program code

Report From Verizon Data-ldquo69 breaches incorporated malwarerdquo

httpwwwwiredcomimages_blogsthreatlevel201203Verizon-Data-Breach-Report-2012pdf

Top Threats Effect on Database Server

bull Malware includes computer viruses worms trojan horses spyware adware most rootkits and other malicious programs In law malware is sometimes known as a computer contaminant in various legal codes

Top Threats Effect on Database Server

Most Common Ports-

Windows netstat ndashan | findstr ltport numbergtLinux netstat ndashan | grep ltport numbergt

Name Protocol Ports

Back Office UDP 31337 Or 31338Deep Throat UDP 2140 and 3150Net Bus TCP 12345 and 12346Whack-a-mole TCP 12361 and 12362Net Bus 2 Pro TCP 20034Girlfriend TCP 21544Master Paradise TCP 3129 40421 40422

40423 and 40426

Top Threats Effect on Database Server

• Storage/Backup Media Exposure

• When data is saved to tape, you want to be confident that the data will be accessible decades from now, as well as tomorrow.

• Backup database storage media is often completely unprotected from attack. As a result, several high-profile security breaches have involved theft of database backup tapes and hard disks.

• Always remember: company data means money to another person.

Top Threats Effect on Database Server

• Unpatched Database
  • Oracle provides something called Critical Patch Updates.
  • Critical Patch Updates are collections of security fixes for Oracle products.

• They are released on the Tuesday closest to the 17th day of January, April, July and October. The next four dates are:
  • 17th day of January
  • 15 April 2014
  • 15 July 2014
  • 14 October 2014
  • 20 January 2015

http://www.oracle.com/technetwork/topics/security/alerts-086861.html

Top Threats Effect on Database Server

Top Threats Effect on Database Server

• Another thing that should be followed and monitored is:
  • Security Alerts

• Oracle will issue Security Alerts for vulnerability fixes deemed too critical to wait for distribution in the next Critical Patch Update.

Top Threats Effect on Database Server

• Unsecured Sensitive Data

• Who has access to company data?

• Does the company meet requirements?

• What will make the hacker rich?

• What could damage the reputation of the organization?

Top Threats Effect on Database Server

• Limited Education/Trained End Users

• Humans are the weakest link in information security.
• The errors committed by the human elements of an organization remain a major contributor to data loss incidents worldwide.

• What do we want to accomplish by making users aware of security?
  • Encourage safe usage habits and discourage unsafe behavior
  • Change user perceptions of information security
  • Inform users about how to recognize and react to potential threats
  • Educate users about information security techniques they can use

Top Threats Effect on Database Server

• Challenges
  • Delivering a desired message to the end user
  • Motivating users to take a personal interest in information security
  • Giving end-user security awareness a higher priority within organizations
  • No budget in the company for security awareness

How to Secure Database

• What should I do to secure the database?
  • Set a good password policy
    • No password reuse
    • Strong passwords
  • Keep up to date with security patches
  • Check firewall level
    • Trusted connections only
    • Block unused ports
  • Encryption
    • Network level
      • SSL
    • File level, such as backups
    • Database, such as sensitive data
  • Monitor the database
  • Periodically check for users with database administration privileges

How to Secure Database

  • Audit your web applications
    • Misconfigurations
  • Log as much as possible
    • Failed logins
    • Permissions errors
  • Your data is your money; protect it
  • Train IT staff on database security
  • Always ask for professional services

Thanks For LAOUC

OsamaOracle

osamamustafagurussolutionscom

http://osamamustafa.blogspot.com

Osama Mustafa

Page 11: Oracle database threats - LAOUC Webinar

• Ensure the data is confidential and prevent any outsourcing modification.
• A secure database provides an additional benefit: data management becomes more efficient and effective.
• Access to the database should be restricted to authorized people only, unless it is a public database.
• A secure database makes it possible to monitor activity and to know who the authorized people are.

Why Database Security Is Important

Laws about Security

• SOX: Sarbanes-Oxley
  • “protect investors by improving reliability of corporate”
• PCI: Payment Card Industry
  • Related to credit card companies such as Visa and MasterCard
• GLBA: Gramm-Leach-Bliley Act
  • Companies that offer consumers financial products or services like loans
• DATA: Data Accountability and Trust Act
  • Security policies and procedures to protect data containing personal information

How Database are Hacked

How Database are Hacked

• As a database administrator, you need to know the threats that can affect your database.
• Definition of threat: in the context of computer security, a threat is anything that has the potential to cause serious harm to a computer system. A threat is something that may or may not happen, but has the potential to cause serious damage. Threats can lead to attacks on computer systems, networks, and more.
• Vulnerability: the existence of a weakness, design, or implementation error that can lead to an unexpected and undesirable event compromising the security of the system.

Elements Of Security

• Confidentiality
  • The concealment of information or resources
• Authenticity
  • The identification and assurance of the origin of information
• Integrity
  • The trustworthiness of data or resources in terms of preventing improper and unauthorized changes
• Availability
  • The ability to use the desired information or resource

Triangle of Security

Decide Before Moving The Ball

What The Hacker Do

• Gather information
  • Active: directly, such as social engineering
  • Passive: Google search, social media
• Scanning
  • Use tools to scan for vulnerabilities in the system
• Gaining access
  • Penetration phase: continue attacking to explore deeper into the target network
• Maintaining access
  • Downloading phase
• Clearing tracks

“The more the hacker learns about your internal operations, the more likely he will be to intrude and exploit. So be secure.”

Attack Oracle-Database Server

• Database servers are usually hacked to get critical information.
• Mistakes made by web designers can reveal the server's databases to the hacker.
• Finding an Oracle database server on a network is done using a TCP port scan.
• Once an Oracle database server has been discovered, the first port of call is the TNS Listener.

Top Threats Effect on Database Server

• Unused Privileges
  • When users are granted database access privileges that exceed the requirements of their job, these privileges can lead to a major issue if the user knows what he is doing.

• REVOKE CREATE DATABASE LINK FROM connect;
• REVOKE EXECUTE ON utl_tcp FROM public;
• REVOKE EXECUTE ON utl_smtp FROM public;
• REVOKE EXECUTE ON utl_http FROM public;
• REVOKE EXECUTE ON utl_mail FROM public;
• REVOKE EXECUTE ON utl_inaddr FROM public;
• REVOKE EXECUTE ON utl_file FROM public;
• REVOKE EXECUTE ON dbms_java FROM public;

Top Threats Effect on Database Server

• http://support.oracle.com

• Review database user privileges
  • Note 1020286.6 - Script to Create View to Show All User Privs
  • Note 1050267.6 - SCRIPT: Script to show table privileges for users and roles
  • Note 1020176.6 - SCRIPT: Script to Generate object privilege GRANTS

• Revoke privileges from PUBLIC where not necessary
  • Note 247093.1 - Be Cautious When Revoking Privileges Granted to PUBLIC
  • Note 234551.1 - PUBLIC: Is it a User, a Role, a User Group, a Privilege?
  • Note 390225.1 - Execute Privileges Are Reset For Public After Applying Patchset

• Weak Authentication
  • Most common default passwords for the database

Username  Password
Sys       Manager
Sys       System
Sys       Oracle
System    Same as sys
Apps      Apps (EBS user)
scott     tiger

Top Threats Effect on Database Server

Oracle Default Password List by Pete Finnigan: http://www.petefinnigan.com/default/default_password_list.htm

Voyager Beta worm

• On 20 December 2005, an anonymous poster (kwbbwi@findnot.com) posted a variant of the Oracle Voyager worm.
  • Read more about this worm: http://www.red-database-security.com/advisory/oracle_worm_voyager.html

• It attacks Oracle servers using default accounts and passwords.
• It attempts a TCP connection to TCP port 1521, where the Oracle connection service listens.
• If that succeeds, it tries a series of usernames and passwords:
  • system/manager, sys/change_on_install, dbsnmp/dbsnmp, scott/tiger

• If authentication succeeds, it creates a table to transfer the payload.

• Denial of Service (DoS)
  • Common DoS techniques include buffer overflows, data corruption, network flooding, and resource consumption.
  • It is an attack through which a person can render a system unusable, or significantly slow it down for legitimate users, by overloading its resources.

• Attackers may:
  • Attempt to flood a network, thereby preventing legitimate network traffic
  • Attempt to disrupt connections between two machines, thereby preventing access to a service
  • Attempt to prevent a particular individual from accessing a service
  • Attempt to disrupt service to a specific system or person

Top Threats Effect on Database Server

• The Impact
  • Disabled network
  • Disabled organization
  • Financial loss
  • Loss of goodwill

• DoS Attack Classification
  • Smurf - Generates a large amount of ICMP echo (ping)
  • Buffer Overflow Attack - The program writes more information into the buffer
  • Ping of death - Send IP packets larger than the 65536 bytes
  • Teardrop - IP requires that packet that is too large for next router
  • SYN Attack - Sends bogus TCP SYN requests to a victim server

Top Threats Effect on Database Server

• Examples of DoS Attack Tools
  • Jolt2
  • Bubonic.c
  • Land and LaTierra
  • Targa
  • Blast20
  • Nemesy
  • Panther2
  • Crazy Pinger
  • Some Trouble
  • UDP Flood
  • FSMax

Top Threats Effect on Database Server

Top Threats Effect on Database Server

• SQL Injection
  • A type of security exploit in which the attacker injects Structured Query Language (SQL) code through a web form input box to gain access to resources or make changes to data.
  • Programmers use sequential commands with user inputs, making it easier for attackers to inject commands.
  • An attacker can run SQL commands through the web application.
  • For example, when a user logs onto a web page by using a user name and password for validation, a SQL query is used.
• What do I need? Any web browser.

• What should I look for in SQL injection?
  • HTML method
    • POST: you cannot see any parameters in the browser
    • GET
  • Check the HTML source code:
    <Form action=search.asp method=post> <input type=hidden name=X value=Z> </Form>

• Examples
  • http://www.mywebsite.com/index.asp?id=10

Top Threats Effect on Database Server

Top Threats Effect on Database Server

If you get this error then the website is vulnerable to an SQL injection attack

Top Threats Effect on Database Server

• But wait, how can I test for SQL injection?
  • Different ways, different tools
  • The easy way is to use a single quote in the input

• Examples
  • blah' or 1=1--
  • Login: blah' or 1=1--
  • Password: blah' or 1=1--

http://www.mywebsite.com/index.asp?id=10

Will be like this:
http://www.mywebsite.com/index.asp?id=blah' or 1=1--

• Other examples of single quote usage in SQL injection
  • ' or 1=1--
  • " or 1=1--
  • ' or 'a'='a
  • " or "a"="a
  • ') or ('a'='a)

• The hacker breaks into the system by injecting malformed SQL into the query, because the executed query is formed by the concatenation of a fixed string and values entered by the user:
  string strQry = "SELECT Count(*) FROM Users WHERE UserName='" + txtUser.Text + "' AND Password='" + txtPassword.Text + "'";

Top Threats Effect on Database Server

Top Threats Effect on Database Server

• If the user enters a valid username and password, the query strQry will become:
  SELECT Count(*) FROM Users WHERE UserName='Paul' AND Password='password'

• But the hacker will not leave weak code alone, and he will enter: ' Or 1=1 --

• The new query will be:
  SELECT Count(*) FROM Users WHERE UserName='' Or 1=1 --' AND Password=''

• 1=1 is always true for every row in the table, so, assuming there is at least one row in the table, this SQL always returns a nonzero count of records.
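The login check described above, rebuilt as an added example that is not code from the webinar. It runs the slide's concatenated query beside a bind-variable version on the same four inputs. Python's sqlite3 stands in here for the ASP page and Oracle back end, and the table rows and function names are constructed for illustration.

```python
import sqlite3


def make_db():
    """In-memory stand-in for the slide's Users table (constructed rows)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Users (UserName TEXT, Password TEXT)")
    # Plaintext passwords only mirror the slide's query; store salted hashes in practice.
    conn.executemany(
        "INSERT INTO Users VALUES (?, ?)",
        [("Paul", "password"), ("Dana", "s3cret")],
    )
    return conn


def login_concat(conn, user, password):
    """The slide's pattern: user input is pasted into the SQL text itself."""
    qry = ("SELECT Count(*) FROM Users WHERE UserName='" + user +
           "' AND Password='" + password + "'")
    return conn.execute(qry).fetchone()[0]


def login_bound(conn, user, password):
    """Same query with bind variables: input travels as data and is never parsed as SQL."""
    qry = "SELECT Count(*) FROM Users WHERE UserName = :u AND Password = :p"
    return conn.execute(qry, {"u": user, "p": password}).fetchone()[0]


def outcome(login, conn, user, password):
    """Classify one attempt the way the web page would surface it."""
    try:
        return "accepted" if login(conn, user, password) > 0 else "rejected"
    except sqlite3.Error:
        # A database error reaching the user is the symptom the slide tells testers to look for.
        return "sql-error"


# Inputs taken from the slides; the wrong-password case is added for contrast.
CASES = [
    ("valid login", "Paul", "password"),
    ("wrong password", "Paul", "nope"),
    ("single-quote probe", "blah'", "x"),
    ("tautology", "' Or 1=1 --", ""),
]


def compare():
    """Return [(case, concatenated result, bound result)] for every input."""
    conn = make_db()
    return [
        (label,
         outcome(login_concat, conn, user, pw),
         outcome(login_bound, conn, user, pw))
        for label, user, pw in CASES
    ]


if __name__ == "__main__":
    for label, concat_result, bound_result in compare():
        print(f"{label:20} concatenated={concat_result:10} bound={bound_result}")
```

With bind variables the quote probe and the tautology are both treated as an unknown user name, so the query returns zero rows and raises no error.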

Top Threats Effect on Database Server

• Weak Audit Trail

“In God I trust. For everyone else I keep log files.”

Performance impacts

Determine what is important to be audited

Top Threats Effect on Database Server

Limited Resource

Which Mechanism Of Audit Trail I should Use

No End-To-End Auditing

Top Threats Effect on Database Server

Application

Page 12: Oracle database threats - LAOUC Webinar

Laws about Security

bull SOX Sarbanes Oxleybull ldquoprotect investors by improving reliability of corporaterdquo

bull PCI Payment Card industry bull Related to Credit card companies such as Visa Master card

bull GLBA Gramm Leach Bliley Act bull companies that offer consumers financial products or services like loans

bull DATA Data Accountability and Trust Actbull security policies and procedures to protect data containing personal

information

How Database are Hacked

How Database are Hacked

bull As Database Administrator you need to know Threats that can effect on your databasebull Definition of threats context of computer security refers to anything

that has the potential to cause serious harm to a computer system A threat is something that may or may not happen but has the potential to cause serious damage Threats can lead to attacks on computer systems networks and morebull Vulnerability Existence of a weakness design or implementation error

that Existence of a weakness design or implementation error that can lead to an unexpected and undesirable event compromising the security of the system

Elements Of Security

bull Confidentiality bull The concealment of information or resources

bull Authenticitybull The identification and assurance of the origin of information

bull Integritybull The trustworthiness of data or resources in terms of preventing improper and

unauthorized changes

bull Availabilitybull The ability to use the desired information or resource

Triangle of Security

Decide Before Moving The Ball

What The Hacker Do bull Gather Information

bull Active Directly Such as social engineeringbull Passive Google search Social media

bull Scanning bull use some tools for scan vulnerabilities of the system

bull Gaining Accessbull Penetration Phase continue attacking to explore deeper into the target network

bull Maintaining Accessbull Downloading Phase

bull Clearing Tracks

ldquoThe more the hacker learns about your internal operations means the more likely he will be intrude and exploit So be Securerdquo

Attack Oracle-Database Server

bull Database servers are usually hacked to get the critical informationbull Mistakes made by the web designers can reveal the databases of the

server to the hacker

bull Finding an Oracle database server on network is done using TCP port scanbull Once Oracle Database Server has been discovered First Port of call is

TNS Listener

Top Threats Effect on Database Server

bull Unused Privileges-bull When user are Granted Database access Privileges that exceed requirement

of their job these Privileges can lead to major issue if the user was know what he is doing

bull REVOKE CREATE DATABASE LINK FROM connectbull REVOKE EXECUTE ON utl_tcp FROM publicbull REVOKE EXECUTE ON utl_smtp FROM publicbull REVOKE EXECUTE ON utl_http FROM publicbull REVOKE EXECUTE ON utl_mail FROM publicbull REVOKE EXECUTE ON utl_inaddr FROM publicbull REVOKE EXECUTE ON utl_file FROM publicbull REVOKE EXECUTE ON dbms_java FROm public

Top Threats Effect on Database Server

bull httpsupportoraclecom

bull Review database user privilegesbull Note 10202866 - Script to Create View to Show All User Privs

Note 10502676 - SCRIPT Script to show table privileges for users and rolesNote 10201766 - SCRIPT Script to Generate object privilege GRANTS

bull Revoke privileges from PUBLIC where not necessarybull Note 2470931 - Be Cautious When Revoking Privileges Granted to PUBLIC

Note 2345511 - PUBLIC Is it a User a Role a User Group a Privilege Note 3902251 - Execute Privileges Are Reset For Public After Applying Patchset

bull Weak Authenticationbull Most common Default Password for Database

Username Password

Sys Manager

Sys System

Sys Oracle

System Same as sys

Apps Apps ( EBS User )

scott tiger

Top Threats Effect on Database Server

Oracle Default Password List By Pete Finniganhttpwwwpetefinnigancomdefaultdefault_password_listhtm

Voyager Beta worm

bull On 20-december 2005 an anonymous poster (kwbbwifindnotcom ) posted an variant of the Oracle Voyager Wormbull Read more About this Worm bull httpwwwred-database-securitycomadvisoryoracle_worm_voyagerhtml

bull attacks Oracle servers using default accounts and passwordbull It attempts a TCP connection to TCP Port 1521 Where oracle

connection Service listensbull If Ok Then Tries Series of Username and passwordbull Systemmanager syschange_on_install dbsnmpdbsnmp scotttiger

bull Authenticate Ok It will create table to transfer payload

bull Denial of service (DoS) -bull Common DoS techniques include buffer overflows data corruption network

flooding and resource consumptionbull It is an attack through which a person can render a system unusable or

significantly slow it down for system unusable or significantly slow it down for legitimate users by overloading its resources

bull Attackers maybull Attempt to flood a network thereby preventing legitimate network trafficbull Attempt to disrupt connections between two machines thereby Attempt to disrupt

connections between two machines thereby preventing access to a servicebull Attempt to prevent a particular individual from accessing a servicebull Attempt to disrupt service to a specific system or person

Top Threats Effect on Database Server

bull The Impact-bull Disabled networkbull Disabled organizationbull Financial lossbull Loss of goodwill

bull DoS Attack Classification-bull Smurf - Generates a large amount of ICMP echo (ping)bull Buffer Overflow Attack - The program writes more information into the bufferbull Ping of death - Send IP Packets larger than the 65536 Bytes bull Teardrop - IP Requires that packet that is too large for next Routerbull SYN Attack - Sends bogus TCP SYN requests to a victim server

Top Threats Effect on Database Server

bull Examples DoS Attack Tools -bull Jolt2bull Buboniccbull Land and LaTierrabull Targabull Blast20bull Nemesybull Panther2bull Crazy Pingerbull Some Troublebull UDP Floodbull FSMax

Top Threats Effect on Database Server

Top Threats Effect on Database Server

bull SQL Injectionbull type of security exploit in which the attacker injects Structured Query

Language (SQL) code through a web form input box to gain Structured Query Language (SQL) code through a web form input box to gain access to resources or make changes to databull Programmer use sequential commands with user inputs making it easier for

attackers to inject commandsbull Attacker can do SQL Commands through web applicationbull For Example when a user logs onto a web page by using a user name and

password for validation a SQL query is user name and password for validation a SQL query is usedbull What I Need Any Web Browser

bull What Should I look For in SQL Injection bull HTML method

bull POST you cannot see any parameters in browserbull GET

bull Check HTML Source CodeltForm action=searchasp method=postgt ltinput type=hidden name=X value=ZgtltFormgt

bull Examples bull http wwwmywebsitecom indexaspid=10

Top Threats Effect on Database Server

Top Threats Effect on Database Server

If you get this error then the website is vulnerable to an SQL injection attack

Top Threats Effect on Database Server

bull But Wait How Can I Test SQL Injection bull Different Way Different Toolsbull Easy Way to use Single Quote in the input

bull Examples bull bull blahrsquo or 1=1mdashbull Loginblahrsquo or 1=1mdashbull bull Passwordblahrsquo or 1=1mdash

http wwwmywebsitecom indexaspid=10

Will be like thishttp wwwmywebsitecomindexaspid=blahrsquo or 1=1--

bull Another examples for single quote usage in SQL Injection bull lsquo or 1=1mdashbull ldquo or 1=1mdashbull lsquo or lsquoarsquo=lsquoabull ldquo or ldquoardquo=ldquoabull lsquo) or (lsquoarsquo=lsquoa)

bull The hacker breaks into the system by injecting malformed SQL into the query because the executed query is formed by the concatenation of a fixed string and values entered by the userbull string strQry = SELECT Count() FROM Users WHERE UserName= + txtUserText + AND

Password= + txtPasswordText +

Top Threats Effect on Database Server

Top Threats Effect on Database Server

bull If the user enter valid username and password the query strQry will be changedLike this SELECT Count() FROM Users WHERE UserName=Paul AND Password=passwordlsquo

bull But The Hacker will not leave weak code Alone and he will enter - Or 1=1 ndash

bull The New Query Will be SELECT Count() FROM Users WHERE UserName= Or 1=1 -- AND Password=

bull 1=1 is always true for every row in the table so assuming there is at least one row in the table this SQL always return nonzero count of records

Top Threats Effect on Database Server

bull Weak Audit Trail

In God I trust For everyone else I keep log files

Performance impacts

Determine what is important to be audited

Top Threats Effect on Database Server

Limited Resource

Which Mechanism Of Audit Trail I should Use

No End-To-End Auditing

Top Threats Effect on Database Server

Application

Top Threats Effect on Database Server

bull Whether database auditing is enabled or disabled Oracle will always audit certain database actions into the OS audit trail There is no way to change this behavior because it is a formal requirement of the security evaluation criteria

Documents Every DBA Should Read

bull NOTE1743401 - Audit SYS User Operations (How to Audit SYSDBA)bull NOTE5532251 - How To Set the AUDIT_SYSLOG_LEVEL Parameter bull NOTE12990331- Master Note For Oracle Database Auditingbull Note 1743401 - Audit SYS User Operationsbull note 11713141 HugeLargeExcessive Number Of Audit Records Are Being Generated In The

Databasebull Note 15097231 - Oracle Database Auditing Performance

Top Threats Effect on Database Server

bull Malwarebull is software designed to infiltrate or damage a computer system without the

owners informed consent The expression is a general term used by computer professionals to mean a variety of forms of hostile intrusive or annoying software or program code

Report From Verizon Data-ldquo69 breaches incorporated malwarerdquo

httpwwwwiredcomimages_blogsthreatlevel201203Verizon-Data-Breach-Report-2012pdf

Top Threats Effect on Database Server

bull Malware includes computer viruses worms trojan horses spyware adware most rootkits and other malicious programs In law malware is sometimes known as a computer contaminant in various legal codes

Top Threats Effect on Database Server

Most Common Ports-

Windows netstat ndashan | findstr ltport numbergtLinux netstat ndashan | grep ltport numbergt

Name Protocol Ports

Back Office UDP 31337 Or 31338Deep Throat UDP 2140 and 3150Net Bus TCP 12345 and 12346Whack-a-mole TCP 12361 and 12362Net Bus 2 Pro TCP 20034Girlfriend TCP 21544Master Paradise TCP 3129 40421 40422

40423 and 40426

Top Threats Effect on Database Server

bull StorageBackup Media Exposure

bull When data is saved to tape you want to be confident that data will be accessible decades from now as well as tomorrow

bull Backup database storage media is often completely unprotected from attack As a result several high profile security breaches have involved theft of database backup tapes and hard disks

bull Always Remember Company Data Means Money to another Person

Top Threats Effect on Database Server

bull Unpatched Database bull Oracle Provide Something Called Critical Patch Updatesbull Critical Patch Updates are collections of security fixes for Oracle products

bull They are released on the Tuesday closest to the 17th day of January April July and October The next four dates arebull 17th day of Januarybull 15 April 2014bull 15 July 2014bull 14 October 2014bull 20 January 2015

httpwwworaclecomtechnetworktopicssecurityalerts-086861html

Top Threats Effect on Database Server

Top Threats Effect on Database Server

bull Another Thing should be follow and Monitored which is bull Security Alerts

bull Oracle will issue Security Alerts for vulnerability fixes deemed too critical to wait for distribution in the next Critical Patch Update

Top Threats Effect on Database Server

bull Unsecure Sensitive Data-

bull Who has access to company data

bull Dose the company meet requirement

bull What Will make the Hacker Rich

bull What Could damage the reputation of the organization

Top Threats Effect on Database Server

bull Limited EducationTrained end users-

bull Humans are the weakest link in the information securitybull The errors committed by the human elements of an organization remain a major contributor to

data loss incidents worldwide

bull What do we want to accomplish by making users aware of security

bull Encourage safe usage habits and discourage unsafe behaviorbull Change user perceptions of information securitybull Inform users about how to recognize and react to potential threatsbull Educate users about information security techniques they can use

Top Threats Effect on Database Server

bull Challenges-bull Delivering a desired message to the end-userbull Motivating users to take a personal interest in information securitybull Giving end user security awareness a higher priority within organizationsbull No Budget in the company for Security Awareness

How to Secure Database

• What should I do to secure the database?
  • Set a good password policy
    • No password reuse
    • Strong passwords
  • Keep up to date with security patches
  • Check firewall level
    • Trusted connections only
    • Block unused ports
  • Encryption
    • Network level: SSL
    • File level, such as backups
    • Database, such as sensitive data
  • Monitor the database
    • Periodically check for users with database administration privileges

How to Secure Database

  • Audit your web applications
    • Misconfigurations
  • Log as much as possible
    • Failed logins
    • Permissions errors
  • Your data is your money; protect it
  • Train IT staff on database security
  • Always ask for professional services

Thanks For LAOUC

OsamaOracle

osamamustafagurussolutionscom

httposamamustafablogspotcom

Osama Mustafa

Page 13: Oracle database threats - LAOUC Webinar

How Database are Hacked

• As a database administrator you need to know the threats that can affect your database.
• Definition of threat: in the context of computer security, a threat refers to anything that has the potential to cause serious harm to a computer system. A threat is something that may or may not happen but has the potential to cause serious damage. Threats can lead to attacks on computer systems, networks and more.
• Vulnerability: existence of a weakness, design or implementation error that can lead to an unexpected and undesirable event compromising the security of the system.

Elements Of Security

• Confidentiality
  • The concealment of information or resources
• Authenticity
  • The identification and assurance of the origin of information
• Integrity
  • The trustworthiness of data or resources in terms of preventing improper and unauthorized changes
• Availability
  • The ability to use the desired information or resource

Triangle of Security

Decide Before Moving The Ball

What The Hacker Do

• Gather Information
  • Active: directly, such as social engineering
  • Passive: Google search, social media
• Scanning
  • Use tools to scan for vulnerabilities of the system
• Gaining Access
  • Penetration phase: continue attacking to explore deeper into the target network
• Maintaining Access
  • Downloading phase
• Clearing Tracks

“The more the hacker learns about your internal operations, the more likely he will intrude and exploit. So be secure.”

Attack Oracle-Database Server

• Database servers are usually hacked to get the critical information.
• Mistakes made by the web designers can reveal the databases of the server to the hacker.
• Finding an Oracle database server on a network is done using a TCP port scan.
• Once an Oracle database server has been discovered, the first port of call is the TNS Listener.

Top Threats Effect on Database Server

• Unused Privileges
  • When users are granted database access privileges that exceed the requirements of their job, these privileges can lead to a major issue if the user knows what he is doing.

    REVOKE CREATE DATABASE LINK FROM connect;
    REVOKE EXECUTE ON utl_tcp FROM public;
    REVOKE EXECUTE ON utl_smtp FROM public;
    REVOKE EXECUTE ON utl_http FROM public;
    REVOKE EXECUTE ON utl_mail FROM public;
    REVOKE EXECUTE ON utl_inaddr FROM public;
    REVOKE EXECUTE ON utl_file FROM public;
    REVOKE EXECUTE ON dbms_java FROM public;

Top Threats Effect on Database Server

• http://support.oracle.com
• Review database user privileges
  • Note 1020286.6 - Script to Create View to Show All User Privs
  • Note 1050267.6 - SCRIPT: Script to show table privileges for users and roles
  • Note 1020176.6 - SCRIPT: Script to Generate object privilege GRANTS
• Revoke privileges from PUBLIC where not necessary
  • Note 247093.1 - Be Cautious When Revoking Privileges Granted to PUBLIC
  • Note 234551.1 - PUBLIC: Is it a User, a Role, a User Group, a Privilege?
  • Note 390225.1 - Execute Privileges Are Reset For Public After Applying Patchset
• Weak Authentication
  • Most common default passwords for the database:

    Username   Password
    Sys        Manager
    Sys        System
    Sys        Oracle
    System     Same as sys
    Apps       Apps (EBS user)
    scott      tiger

Top Threats Effect on Database Server

Oracle Default Password List by Pete Finnigan: http://www.petefinnigan.com/default/default_password_list.htm

Voyager Beta worm

• On 20 December 2005 an anonymous poster (kwbbwifindnotcom) posted a variant of the Oracle Voyager Worm.
• Read more about this worm: http://www.red-database-security.com/advisory/oracle_worm_voyager.html
• It attacks Oracle servers using default accounts and passwords.
• It attempts a TCP connection to TCP port 1521, where the Oracle connection service listens.
• If OK, it then tries a series of usernames and passwords:
  • system/manager, sys/change_on_install, dbsnmp/dbsnmp, scott/tiger
• If authentication is OK, it will create a table to transfer the payload.

• Denial of service (DoS)
  • Common DoS techniques include buffer overflows, data corruption, network flooding and resource consumption.
  • It is an attack through which a person can render a system unusable or significantly slow it down for legitimate users by overloading its resources.
• Attackers may:
  • Attempt to flood a network, thereby preventing legitimate network traffic
  • Attempt to disrupt connections between two machines, thereby preventing access to a service
  • Attempt to prevent a particular individual from accessing a service
  • Attempt to disrupt service to a specific system or person

Top Threats Effect on Database Server

• The Impact
  • Disabled network
  • Disabled organization
  • Financial loss
  • Loss of goodwill
• DoS Attack Classification
  • Smurf - Generates a large amount of ICMP echo (ping)
  • Buffer Overflow Attack - The program writes more information into the buffer
  • Ping of death - Send IP packets larger than the 65536 bytes
  • Teardrop - IP requires that packet that is too large for next router
  • SYN Attack - Sends bogus TCP SYN requests to a victim server

Top Threats Effect on Database Server

• Examples of DoS Attack Tools
  • Jolt2
  • Bubonic.c
  • Land and LaTierra
  • Targa
  • Blast20
  • Nemesy
  • Panther2
  • Crazy Pinger
  • Some Trouble
  • UDP Flood
  • FSMax

Top Threats Effect on Database Server

• SQL Injection
  • A type of security exploit in which the attacker injects Structured Query Language (SQL) code through a web form input box to gain access to resources or make changes to data.
  • Programmers use sequential commands with user inputs, making it easier for attackers to inject commands.
  • The attacker can run SQL commands through the web application.
  • For example, when a user logs onto a web page by using a user name and password for validation, a SQL query is used.
  • What do I need? Any web browser.
• What should I look for in SQL injection?
  • HTML method
    • POST: you cannot see any parameters in the browser
    • GET
  • Check the HTML source code:
    <Form action=search.asp method=post> <input type=hidden name=X value=Z></Form>
  • Examples:
    • http://www.mywebsite.com/index.asp?id=10

Top Threats Effect on Database Server

Top Threats Effect on Database Server

If you get this error then the website is vulnerable to an SQL injection attack

Top Threats Effect on Database Server

• But wait, how can I test SQL injection?
  • Different ways, different tools
  • The easy way is to use a single quote in the input
• Examples:
  • blah' or 1=1--
  • Login: blah' or 1=1--
  • Password: blah' or 1=1--

http://www.mywebsite.com/index.asp?id=10

will be like this:

http://www.mywebsite.com/index.asp?id=blah' or 1=1--

• Other examples of single quote usage in SQL injection:
  • ' or 1=1--
  • " or 1=1--
  • ' or 'a'='a
  • " or "a"="a
  • ') or ('a'='a)

• The hacker breaks into the system by injecting malformed SQL into the query, because the executed query is formed by the concatenation of a fixed string and values entered by the user:
  string strQry = "SELECT Count(*) FROM Users WHERE UserName='" + txtUser.Text + "' AND Password='" + txtPassword.Text + "'";

Top Threats Effect on Database Server

Top Threats Effect on Database Server

• If the user enters a valid username and password, the query strQry will look like this:
  SELECT Count(*) FROM Users WHERE UserName='Paul' AND Password='password'

• But the hacker will not leave weak code alone, and he will enter:
  ' Or 1=1 --

• The new query will be:
  SELECT Count(*) FROM Users WHERE UserName='' Or 1=1 --' AND Password=''

• 1=1 is always true for every row in the table, so assuming there is at least one row in the table, this SQL always returns a nonzero count of records.
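The concatenated login query from the slides next to a bind-variable version, as an added example that is not part of the original presentation. It assumes an in-memory SQLite database standing in for Oracle, with constructed sample rows; the function names are hypothetical, and plaintext passwords appear only because the slide's query compares them directly.

```python
import sqlite3


def make_demo_db():
    """In-memory stand-in for the slide's Users table (constructed sample rows)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Users (UserName TEXT PRIMARY KEY, Password TEXT)")
    conn.executemany(
        "INSERT INTO Users (UserName, Password) VALUES (?, ?)",
        [("Paul", "password"), ("Ann", "s3cret")],
    )
    return conn


def build_concatenated_query(user, password):
    """Same construction as strQry on the slide: fixed text plus raw user input."""
    return (
        "SELECT Count(*) FROM Users WHERE UserName='" + user
        + "' AND Password='" + password + "'"
    )


def login_vulnerable(conn, user, password):
    """Deliberately vulnerable: the input becomes part of the SQL text."""
    count = conn.execute(build_concatenated_query(user, password)).fetchone()[0]
    return count > 0


def login_parameterized(conn, user, password):
    """Hardened: the SQL text is constant and the input travels as bind values.

    Oracle drivers offer the same mechanism as bind variables.
    """
    count = conn.execute(
        "SELECT Count(*) FROM Users WHERE UserName = ? AND Password = ?",
        (user, password),
    ).fetchone()[0]
    # UserName is a primary key, so a genuine match is exactly one row.
    return count == 1


def outcome(login_fn, conn, user, password):
    """Return 'granted', 'denied' or 'sql-error' for one login attempt."""
    try:
        return "granted" if login_fn(conn, user, password) else "denied"
    except sqlite3.Error:
        # A stray quote broke the statement: the kind of database error the
        # slides point to as a sign that input reaches the SQL text.
        return "sql-error"


SLIDE_INPUT = "' Or 1=1 --"  # the input shown on the slide

if __name__ == "__main__":
    db = make_demo_db()
    attempts = [("Paul", "password"), ("Paul", "wrong"),
                (SLIDE_INPUT, ""), ("O'Brien", "x")]
    for user, pw in attempts:
        print(repr(user),
              "concatenated:", outcome(login_vulnerable, db, user, pw),
              "bound:", outcome(login_parameterized, db, user, pw))
```

With bound values, an apostrophe in a legitimate name such as O'Brien is just data, so the same change removes both the injection and the spurious SQL error.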

Top Threats Effect on Database Server

• Weak Audit Trail

“In God I trust. For everyone else I keep log files.”

Performance impacts

Determine what is important to be audited

Top Threats Effect on Database Server

Limited Resource

Which Mechanism Of Audit Trail I should Use

No End-To-End Auditing

Top Threats Effect on Database Server

Application

Top Threats Effect on Database Server

• Whether database auditing is enabled or disabled, Oracle will always audit certain database actions into the OS audit trail. There is no way to change this behavior because it is a formal requirement of the security evaluation criteria.

Documents Every DBA Should Read

• NOTE 174340.1 - Audit SYS User Operations (How to Audit SYSDBA)
• NOTE 553225.1 - How To Set the AUDIT_SYSLOG_LEVEL Parameter
• NOTE 1299033.1 - Master Note For Oracle Database Auditing
• Note 174340.1 - Audit SYS User Operations
• Note 1171314.1 - Huge/Large/Excessive Number Of Audit Records Are Being Generated In The Database
• Note 1509723.1 - Oracle Database Auditing Performance

Top Threats Effect on Database Server

• Malware
  • Software designed to infiltrate or damage a computer system without the owner's informed consent. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive or annoying software or program code.

Report from Verizon Data: “69% breaches incorporated malware”

http://www.wired.com/images_blogs/threatlevel/2012/03/Verizon-Data-Breach-Report-2012.pdf

Top Threats Effect on Database Server

• Malware includes computer viruses, worms, trojan horses, spyware, adware, most rootkits and other malicious programs. In law, malware is sometimes known as a computer contaminant in various legal codes.

Top Threats Effect on Database Server

Most Common Ports

Windows: netstat -an | findstr <port number>
Linux:   netstat -an | grep <port number>

Name             Protocol  Ports
Back Orifice     UDP       31337 or 31338
Deep Throat      UDP       2140 and 3150
Net Bus          TCP       12345 and 12346
Whack-a-mole     TCP       12361 and 12362
Net Bus 2 Pro    TCP       20034
Girlfriend       TCP       21544
Master Paradise  TCP       3129, 40421, 40422, 40423 and 40426
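Checking one port at a time with findstr or grep is easy to get wrong, so the following added example (not from the original slides) parses a whole `netstat -an` listing and reports only local listeners that match the table above. The two sample listings are constructed, the function names are hypothetical, and a match is a lead to investigate rather than proof of infection.

```python
# Watchlist built from the slide's table: (protocol, local port) -> name.
WATCHLIST = {
    ("udp", 31337): "Back Orifice", ("udp", 31338): "Back Orifice",
    ("udp", 2140): "Deep Throat", ("udp", 3150): "Deep Throat",
    ("tcp", 12345): "Net Bus", ("tcp", 12346): "Net Bus",
    ("tcp", 12361): "Whack-a-mole", ("tcp", 12362): "Whack-a-mole",
    ("tcp", 20034): "Net Bus 2 Pro",
    ("tcp", 21544): "Girlfriend",
}
for _port in (3129, 40421, 40422, 40423, 40426):
    WATCHLIST[("tcp", _port)] = "Master Paradise"

# Constructed sample output, Linux layout (Recv-Q/Send-Q columns present).
LINUX_SAMPLE = """\
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:1521            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:12345           0.0.0.0:*               LISTEN
tcp        0      0 10.0.0.5:40421          10.0.0.9:1521           ESTABLISHED
tcp6       0      0 :::22                   :::*                    LISTEN
udp        0      0 0.0.0.0:31337           0.0.0.0:*
udp        0      0 0.0.0.0:12345           0.0.0.0:*
"""

# Constructed sample output, Windows layout.
WINDOWS_SAMPLE = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:1521           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:20034          0.0.0.0:0              LISTENING
  UDP    0.0.0.0:2140           *:*
"""


def parse_sockets(netstat_output):
    """Return (protocol, local_port, state) for every tcp/udp line."""
    sockets = []
    for line in netstat_output.splitlines():
        tokens = line.split()
        if len(tokens) < 3:
            continue
        proto = tokens[0].lower()
        if not proto.startswith(("tcp", "udp")):
            continue  # banner and header lines
        proto = proto[:3]  # fold tcp6/udp6 into tcp/udp
        # Linux puts two numeric queue columns before the local address.
        idx = 3 if tokens[1].isdigit() else 1
        if len(tokens) <= idx:
            continue
        port = tokens[idx].rpartition(":")[2]
        if not port.isdigit():
            continue
        # UDP has no connection state; for TCP it is the last column.
        state = tokens[-1].upper() if proto == "tcp" else ""
        sockets.append((proto, int(port), state))
    return sockets


def suspicious_listeners(netstat_output):
    """Report watchlist matches among local listeners only.

    Established TCP connections are skipped: a client may pick a watchlist
    number as its ephemeral source port, which says nothing about a
    listening service on this host.
    """
    hits = set()
    for proto, port, state in parse_sockets(netstat_output):
        if proto == "tcp" and not state.startswith("LISTEN"):
            continue
        name = WATCHLIST.get((proto, port))
        if name:
            hits.add((proto, port, name))
    return sorted(hits)


if __name__ == "__main__":
    for label, sample in (("linux", LINUX_SAMPLE), ("windows", WINDOWS_SAMPLE)):
        for proto, port, name in suspicious_listeners(sample):
            print(f"{label}: {proto}/{port} matches '{name}'")
```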

Top Threats Effect on Database Server

• Storage/Backup Media Exposure

• When data is saved to tape, you want to be confident that data will be accessible decades from now, as well as tomorrow.

• Backup database storage media is often completely unprotected from attack. As a result, several high-profile security breaches have involved theft of database backup tapes and hard disks.

• Always remember: company data means money to another person.



Page 15: Oracle database threats - LAOUC Webinar

Elements Of Security

bull Confidentiality bull The concealment of information or resources

bull Authenticitybull The identification and assurance of the origin of information

bull Integritybull The trustworthiness of data or resources in terms of preventing improper and

unauthorized changes

bull Availabilitybull The ability to use the desired information or resource

Triangle of Security

Decide Before Moving The Ball

What The Hacker Do bull Gather Information

bull Active Directly Such as social engineeringbull Passive Google search Social media

bull Scanning bull use some tools for scan vulnerabilities of the system

bull Gaining Accessbull Penetration Phase continue attacking to explore deeper into the target network

bull Maintaining Accessbull Downloading Phase

bull Clearing Tracks

ldquoThe more the hacker learns about your internal operations means the more likely he will be intrude and exploit So be Securerdquo

Attack Oracle-Database Server

bull Database servers are usually hacked to get the critical informationbull Mistakes made by the web designers can reveal the databases of the

server to the hacker

bull Finding an Oracle database server on network is done using TCP port scanbull Once Oracle Database Server has been discovered First Port of call is

TNS Listener

Top Threats Effect on Database Server

• Unused Privileges
  • When users are granted database access privileges that exceed the requirements of their job, these privileges can lead to a major issue if the user knows what he is doing

    REVOKE CREATE DATABASE LINK FROM connect;
    REVOKE EXECUTE ON utl_tcp FROM public;
    REVOKE EXECUTE ON utl_smtp FROM public;
    REVOKE EXECUTE ON utl_http FROM public;
    REVOKE EXECUTE ON utl_mail FROM public;
    REVOKE EXECUTE ON utl_inaddr FROM public;
    REVOKE EXECUTE ON utl_file FROM public;
    REVOKE EXECUTE ON dbms_java FROM public;

Top Threats Effect on Database Server

• http://support.oracle.com
• Review database user privileges
  • Note 1020286.6 - Script to Create View to Show All User Privs
  • Note 1050267.6 - SCRIPT: Script to show table privileges for users and roles
  • Note 1020176.6 - SCRIPT: Script to Generate object privilege GRANTS
• Revoke privileges from PUBLIC where not necessary
  • Note 247093.1 - Be Cautious When Revoking Privileges Granted to PUBLIC
  • Note 234551.1 - PUBLIC: Is it a User, a Role, a User Group, a Privilege?
  • Note 390225.1 - Execute Privileges Are Reset For Public After Applying Patchset
• Weak Authentication
  • Most common default passwords for the database

Username   Password
Sys        Manager
Sys        System
Sys        Oracle
System     Same as sys
Apps       Apps (EBS user)
scott      tiger

Top Threats Effect on Database Server

Oracle Default Password List by Pete Finnigan: http://www.petefinnigan.com/default/default_password_list.htm

Voyager Beta worm

• On 20 December 2005 an anonymous poster (kwbbwi@findnot.com) posted a variant of the Oracle Voyager Worm
• Read more about this worm:
  • http://www.red-database-security.com/advisory/oracle_worm_voyager.html
• It attacks Oracle servers using default accounts and passwords
• It attempts a TCP connection to TCP port 1521, where the Oracle connection service listens
• If that succeeds, it tries a series of usernames and passwords
  • system/manager, sys/change_on_install, dbsnmp/dbsnmp, scott/tiger
• If authentication succeeds, it creates a table to transfer the payload

• Denial of service (DoS)
  • Common DoS techniques include buffer overflows, data corruption, network flooding and resource consumption
  • It is an attack through which a person can render a system unusable or significantly slow it down for legitimate users by overloading its resources
• Attackers may
  • Attempt to flood a network, thereby preventing legitimate network traffic
  • Attempt to disrupt connections between two machines, thereby preventing access to a service
  • Attempt to prevent a particular individual from accessing a service
  • Attempt to disrupt service to a specific system or person

Top Threats Effect on Database Server

• The Impact
  • Disabled network
  • Disabled organization
  • Financial loss
  • Loss of goodwill
• DoS Attack Classification
  • Smurf - Generates a large amount of ICMP echo (ping)
  • Buffer Overflow Attack - The program writes more information into the buffer
  • Ping of death - Send IP packets larger than the 65536 bytes
  • Teardrop - IP requires that packet that is too large for next router
  • SYN Attack - Sends bogus TCP SYN requests to a victim server

Top Threats Effect on Database Server

• Examples of DoS Attack Tools
  • Jolt2
  • Bubonic.c
  • Land and LaTierra
  • Targa
  • Blast20
  • Nemesy
  • Panther2
  • Crazy Pinger
  • Some Trouble
  • UDP Flood
  • FSMax

Top Threats Effect on Database Server

Top Threats Effect on Database Server

• SQL Injection
  • A type of security exploit in which the attacker injects Structured Query Language (SQL) code through a web form input box to gain access to resources or make changes to data
  • Programmers use sequential commands with user inputs, making it easier for attackers to inject commands
  • The attacker can run SQL commands through the web application
  • For example, when a user logs onto a web page by using a user name and password for validation, a SQL query is used
  • What I need: any web browser
• What should I look for in SQL injection?
  • HTML method
    • POST: you cannot see any parameters in the browser
    • GET
  • Check the HTML source code:
    <Form action=search.asp method=post> <input type=hidden name=X value=Z> </Form>
• Examples
  • http://www.mywebsite.com/index.asp?id=10

Top Threats Effect on Database Server

Top Threats Effect on Database Server

If you get this error then the website is vulnerable to an SQL injection attack

Top Threats Effect on Database Server

• But wait, how can I test SQL injection?
  • Different ways, different tools
  • The easy way is to use a single quote in the input
• Examples
  • blah' or 1=1--
  • Login: blah' or 1=1--
  • Password: blah' or 1=1--

http://www.mywebsite.com/index.asp?id=10

will be like this: http://www.mywebsite.com/index.asp?id=blah' or 1=1--

• Other examples of single quote usage in SQL injection
  • ' or 1=1--
  • " or 1=1--
  • ' or 'a'='a
  • " or "a"="a
  • ') or ('a'='a)

• The hacker breaks into the system by injecting malformed SQL into the query, because the executed query is formed by the concatenation of a fixed string and values entered by the user
  • string strQry = "SELECT Count(*) FROM Users WHERE UserName='" + txtUser.Text + "' AND Password='" + txtPassword.Text + "'";

Top Threats Effect on Database Server

Top Threats Effect on Database Server

• If the user enters a valid username and password, the query strQry will become: SELECT Count(*) FROM Users WHERE UserName='Paul' AND Password='password'

• But the hacker will not leave weak code alone, and he will enter: ' Or 1=1 --

• The new query will be: SELECT Count(*) FROM Users WHERE UserName='' Or 1=1 --' AND Password=''

• 1=1 is always true for every row in the table, so assuming there is at least one row in the table, this SQL always returns a nonzero count of records
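The login query from these slides next to its parameterized form, as an added example that is not part of the original presentation. It assumes Python's sqlite3 module with a constructed in-memory Users table standing in for the application's database; all function names are hypothetical.

```python
import sqlite3


def make_db():
    """Constructed in-memory Users table standing in for the application's database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Users (UserName TEXT, Password TEXT)")
    # Plain-text passwords mirror the slide's query; real systems store salted hashes.
    conn.executemany(
        "INSERT INTO Users VALUES (?, ?)",
        [("Paul", "password"), ("O'Brien", "tiger2")],
    )
    return conn


def build_concatenated_query(user, password):
    """The slide's pattern: a fixed string concatenated with user input."""
    return (
        "SELECT Count(*) FROM Users WHERE UserName='" + user
        + "' AND Password='" + password + "'"
    )


def login_concatenated(conn, user, password):
    """Vulnerable check: user input becomes part of the SQL text."""
    return conn.execute(build_concatenated_query(user, password)).fetchone()[0] > 0


def login_parameterized(conn, user, password):
    """Hardened check: input is passed as bind values and never parsed as SQL."""
    row = conn.execute(
        "SELECT Count(*) FROM Users WHERE UserName = ? AND Password = ?",
        (user, password),
    ).fetchone()
    return row[0] > 0


def concatenated_raises_sql_error(conn, user, password):
    """True if the concatenated query fails to parse for this input."""
    try:
        login_concatenated(conn, user, password)
    except sqlite3.Error:
        return True
    return False


if __name__ == "__main__":
    db = make_db()
    slide_input = "' Or 1=1 --"  # the input shown on the slide
    print(build_concatenated_query(slide_input, ""))
    print("concatenated accepts it:", login_concatenated(db, slide_input, ""))
    print("parameterized accepts it:", login_parameterized(db, slide_input, ""))
    # A legitimate name containing a quote also breaks the concatenated query,
    # which is the error the single-quote test on the earlier slide looks for.
    print("O'Brien breaks concatenation:",
          concatenated_raises_sql_error(db, "O'Brien", "tiger2"))
    print("O'Brien with bind values:", login_parameterized(db, "O'Brien", "tiger2"))
```

With bind values the same input is compared as a literal user name, so it matches no row, and a legitimate name containing a quote logs in normally.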

Top Threats Effect on Database Server

• Weak Audit Trail

In God I trust. For everyone else, I keep log files.

Performance impacts

Determine what is important to be audited

Top Threats Effect on Database Server

Limited Resource

Which Mechanism Of Audit Trail I should Use

No End-To-End Auditing

Top Threats Effect on Database Server

Application

Top Threats Effect on Database Server

• Whether database auditing is enabled or disabled, Oracle will always audit certain database actions into the OS audit trail. There is no way to change this behavior because it is a formal requirement of the security evaluation criteria.

Documents Every DBA Should Read

• Note 174340.1 - Audit SYS User Operations (How to Audit SYSDBA)
• Note 553225.1 - How To Set the AUDIT_SYSLOG_LEVEL Parameter
• Note 1299033.1 - Master Note For Oracle Database Auditing
• Note 174340.1 - Audit SYS User Operations
• Note 1171314.1 - Huge/Large/Excessive Number Of Audit Records Are Being Generated In The Database
• Note 1509723.1 - Oracle Database Auditing Performance

Top Threats Effect on Database Server

• Malware
  • Software designed to infiltrate or damage a computer system without the owner's informed consent. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.

Report from Verizon Data: "69% breaches incorporated malware"

http://www.wired.com/images_blogs/threatlevel/2012/03/Verizon-Data-Breach-Report-2012.pdf

Top Threats Effect on Database Server

• Malware includes computer viruses, worms, trojan horses, spyware, adware, most rootkits, and other malicious programs. In law, malware is sometimes known as a computer contaminant in various legal codes.

Top Threats Effect on Database Server

Most Common Ports

Windows: netstat -an | findstr <port number>
Linux: netstat -an | grep <port number>

Name             Protocol  Ports
Back Office      UDP       31337 or 31338
Deep Throat      UDP       2140 and 3150
Net Bus          TCP       12345 and 12346
Whack-a-mole     TCP       12361 and 12362
Net Bus 2 Pro    TCP       20034
Girlfriend       TCP       21544
Master Paradise  TCP       3129, 40421, 40422, 40423 and 40426
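A way to run the netstat check above against every port in the table at once, as an added example that is not part of the original presentation. The function names and the sample netstat output are constructed for illustration; only the port table comes from the slide.

```python
# Default ports from the table above: (name, protocol, ports).
TROJAN_PORTS = [
    ("Back Office", "UDP", (31337, 31338)),
    ("Deep Throat", "UDP", (2140, 3150)),
    ("Net Bus", "TCP", (12345, 12346)),
    ("Whack-a-mole", "TCP", (12361, 12362)),
    ("Net Bus 2 Pro", "TCP", (20034,)),
    ("Girlfriend", "TCP", (21544,)),
    ("Master Paradise", "TCP", (3129, 40421, 40422, 40423, 40426)),
]
KNOWN = {(proto, port): name
         for name, proto, ports in TROJAN_PORTS for port in ports}

LISTEN_STATES = {"LISTEN", "LISTENING"}  # Linux and Windows spellings


def parse_listener(line):
    """Return (proto, local_port) for a listening or bound socket, else None."""
    fields = line.split()
    if not fields:
        return None
    proto = fields[0].upper().rstrip("6")  # tcp6/udp6 -> TCP/UDP
    if proto not in ("TCP", "UDP"):
        return None  # header or unrelated line
    # The first address-like field is the local address on both platforms.
    addresses = [f for f in fields[1:] if ":" in f]
    if not addresses:
        return None
    port_text = addresses[0].rsplit(":", 1)[1]
    if not port_text.isdigit():
        return None
    # TCP must be in a listening state; UDP has no state, so any bound port counts.
    if proto == "TCP" and not any(f.upper() in LISTEN_STATES for f in fields):
        return None
    return proto, int(port_text)


def find_suspicious_listeners(netstat_output):
    """List (proto, port, name) for local listeners on a port from the table."""
    findings = set()
    for line in netstat_output.splitlines():
        parsed = parse_listener(line)
        if parsed in KNOWN:
            findings.add((parsed[0], parsed[1], KNOWN[parsed]))
    return sorted(findings)


# Constructed sample mixing Linux and Windows `netstat -an` line formats.
SAMPLE = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:1521            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:12345           0.0.0.0:*               LISTEN
tcp        0      0 10.0.0.5:1521           10.0.0.9:40421          ESTABLISHED
tcp6       0      0 :::22                   :::*                    LISTEN
udp        0      0 0.0.0.0:31337           0.0.0.0:*
  TCP    0.0.0.0:20034          0.0.0.0:0              LISTENING
  UDP    0.0.0.0:161            *:*
"""

if __name__ == "__main__":
    for proto, port, name in find_suspicious_listeners(SAMPLE):
        print(f"{proto}/{port} is a default port of {name}: investigate the owning process")
```

The ESTABLISHED line shows why matching on the local port matters: a plain grep for 40421 would hit a client's ephemeral port on an ordinary connection to the listener on 1521. A match is only a reason to identify the owning process, since legitimate software can bind the same port numbers.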

Top Threats Effect on Database Server

• Storage/Backup Media Exposure

• When data is saved to tape, you want to be confident that data will be accessible decades from now as well as tomorrow

• Backup database storage media is often completely unprotected from attack. As a result, several high-profile security breaches have involved theft of database backup tapes and hard disks

• Always remember: company data means money to another person

Top Threats Effect on Database Server

• Unpatched Database
  • Oracle provides something called Critical Patch Updates
  • Critical Patch Updates are collections of security fixes for Oracle products
  • They are released on the Tuesday closest to the 17th day of January, April, July and October. The next four dates are:
    • 17th day of January
    • 15 April 2014
    • 15 July 2014
    • 14 October 2014
    • 20 January 2015

http://www.oracle.com/technetwork/topics/security/alerts-086861.html

Top Threats Effect on Database Server

Top Threats Effect on Database Server

• Another thing that should be followed and monitored:
  • Security Alerts
    • Oracle will issue Security Alerts for vulnerability fixes deemed too critical to wait for distribution in the next Critical Patch Update

Top Threats Effect on Database Server

• Unsecure Sensitive Data

• Who has access to company data?

• Does the company meet requirements?

• What will make the hacker rich?

• What could damage the reputation of the organization?

Top Threats Effect on Database Server

• Limited Education/Trained End Users
  • Humans are the weakest link in information security
  • The errors committed by the human elements of an organization remain a major contributor to data loss incidents worldwide
• What do we want to accomplish by making users aware of security?
  • Encourage safe usage habits and discourage unsafe behavior
  • Change user perceptions of information security
  • Inform users about how to recognize and react to potential threats
  • Educate users about information security techniques they can use

Top Threats Effect on Database Server

• Challenges
  • Delivering a desired message to the end user
  • Motivating users to take a personal interest in information security
  • Giving end user security awareness a higher priority within organizations
  • No budget in the company for security awareness

How to Secure Database

• What should I do to secure the database?
  • Set a good password policy
    • No password reuse
    • Strong passwords
  • Keep up to date with security patches
  • Check firewall level
    • Trusted connections only
    • Block unused ports
  • Encryption
    • Network level
      • SSL
    • File level, such as backups
    • Database, such as sensitive data
  • Monitor the database
  • Periodically check for users with database administration privileges

How to Secure Database

• Audit your web applications
  • Misconfigurations
• Log as much as possible
  • Failed logins
  • Permissions errors
• Your data is your money; protect it
• Train IT staff on database security
• Always ask for professional services

Thanks For LAOUC

OsamaOracle

osamamustafagurussolutionscom

http://osamamustafa.blogspot.com

Osama Mustafa

  • Slide 1
  • Overview
  • Who Am I
  • GoogIe Search
  • Introduction
  • Introduction (2)
  • Introduction (3)
  • Slide 8
  • Slide 9
  • Why Database Security Is Important
  • Why Database Security Is Important (2)
  • Laws about Security
  • How Database are Hacked
  • How Database are Hacked (2)
  • Elements Of Security
  • Triangle of Security
  • What The Hacker Do
  • Attack Oracle-Database Server
  • Top Threats Effect on Database Server
  • Top Threats Effect on Database Server (2)
  • Slide 21
  • Voyager Beta worm
  • Slide 23
  • Slide 24
  • Slide 25
  • Slide 26
  • Slide 27
  • Slide 28
  • Slide 29
  • Slide 30
  • Slide 31
  • Slide 32
  • Slide 33
  • Slide 34
  • Slide 35
  • Slide 36
  • Slide 37
  • Slide 38
  • Slide 39
  • Slide 40
  • Slide 41
  • Slide 42
  • Slide 43
  • Slide 44
  • Slide 45
  • Slide 46
  • Slide 47
  • Slide 48
  • Slide 49
Page 16: Oracle database threats - LAOUC Webinar

Triangle of Security

Decide Before Moving The Ball

What The Hacker Do bull Gather Information

bull Active Directly Such as social engineeringbull Passive Google search Social media

bull Scanning bull use some tools for scan vulnerabilities of the system

bull Gaining Accessbull Penetration Phase continue attacking to explore deeper into the target network

bull Maintaining Accessbull Downloading Phase

bull Clearing Tracks

ldquoThe more the hacker learns about your internal operations means the more likely he will be intrude and exploit So be Securerdquo

Attack Oracle-Database Server

bull Database servers are usually hacked to get the critical informationbull Mistakes made by the web designers can reveal the databases of the

server to the hacker

bull Finding an Oracle database server on network is done using TCP port scanbull Once Oracle Database Server has been discovered First Port of call is

TNS Listener

Top Threats Effect on Database Server

bull Unused Privileges-bull When user are Granted Database access Privileges that exceed requirement

of their job these Privileges can lead to major issue if the user was know what he is doing

bull REVOKE CREATE DATABASE LINK FROM connectbull REVOKE EXECUTE ON utl_tcp FROM publicbull REVOKE EXECUTE ON utl_smtp FROM publicbull REVOKE EXECUTE ON utl_http FROM publicbull REVOKE EXECUTE ON utl_mail FROM publicbull REVOKE EXECUTE ON utl_inaddr FROM publicbull REVOKE EXECUTE ON utl_file FROM publicbull REVOKE EXECUTE ON dbms_java FROm public

Top Threats Effect on Database Server

bull httpsupportoraclecom

bull Review database user privilegesbull Note 10202866 - Script to Create View to Show All User Privs

Note 10502676 - SCRIPT Script to show table privileges for users and rolesNote 10201766 - SCRIPT Script to Generate object privilege GRANTS

bull Revoke privileges from PUBLIC where not necessarybull Note 2470931 - Be Cautious When Revoking Privileges Granted to PUBLIC

Note 2345511 - PUBLIC Is it a User a Role a User Group a Privilege Note 3902251 - Execute Privileges Are Reset For Public After Applying Patchset

bull Weak Authenticationbull Most common Default Password for Database

Username Password

Sys Manager

Sys System

Sys Oracle

System Same as sys

Apps Apps ( EBS User )

scott tiger

Top Threats Effect on Database Server

Oracle Default Password List By Pete Finniganhttpwwwpetefinnigancomdefaultdefault_password_listhtm

Voyager Beta worm

bull On 20-december 2005 an anonymous poster (kwbbwifindnotcom ) posted an variant of the Oracle Voyager Wormbull Read more About this Worm bull httpwwwred-database-securitycomadvisoryoracle_worm_voyagerhtml

bull attacks Oracle servers using default accounts and passwordbull It attempts a TCP connection to TCP Port 1521 Where oracle

connection Service listensbull If Ok Then Tries Series of Username and passwordbull Systemmanager syschange_on_install dbsnmpdbsnmp scotttiger

bull Authenticate Ok It will create table to transfer payload

bull Denial of service (DoS) -bull Common DoS techniques include buffer overflows data corruption network

flooding and resource consumptionbull It is an attack through which a person can render a system unusable or

significantly slow it down for system unusable or significantly slow it down for legitimate users by overloading its resources

bull Attackers maybull Attempt to flood a network thereby preventing legitimate network trafficbull Attempt to disrupt connections between two machines thereby Attempt to disrupt

connections between two machines thereby preventing access to a servicebull Attempt to prevent a particular individual from accessing a servicebull Attempt to disrupt service to a specific system or person

Top Threats Effect on Database Server

bull The Impact-bull Disabled networkbull Disabled organizationbull Financial lossbull Loss of goodwill

bull DoS Attack Classification-bull Smurf - Generates a large amount of ICMP echo (ping)bull Buffer Overflow Attack - The program writes more information into the bufferbull Ping of death - Send IP Packets larger than the 65536 Bytes bull Teardrop - IP Requires that packet that is too large for next Routerbull SYN Attack - Sends bogus TCP SYN requests to a victim server

Top Threats Effect on Database Server

bull Examples DoS Attack Tools -bull Jolt2bull Buboniccbull Land and LaTierrabull Targabull Blast20bull Nemesybull Panther2bull Crazy Pingerbull Some Troublebull UDP Floodbull FSMax

Top Threats Effect on Database Server

Top Threats Effect on Database Server

bull SQL Injectionbull type of security exploit in which the attacker injects Structured Query

Language (SQL) code through a web form input box to gain Structured Query Language (SQL) code through a web form input box to gain access to resources or make changes to databull Programmer use sequential commands with user inputs making it easier for

attackers to inject commandsbull Attacker can do SQL Commands through web applicationbull For Example when a user logs onto a web page by using a user name and

password for validation a SQL query is user name and password for validation a SQL query is usedbull What I Need Any Web Browser

bull What Should I look For in SQL Injection bull HTML method

bull POST you cannot see any parameters in browserbull GET

bull Check HTML Source CodeltForm action=searchasp method=postgt ltinput type=hidden name=X value=ZgtltFormgt

bull Examples bull http wwwmywebsitecom indexaspid=10

Top Threats Effect on Database Server

Top Threats Effect on Database Server

If you get this error then the website is vulnerable to an SQL injection attack

Top Threats Effect on Database Server

bull But Wait How Can I Test SQL Injection bull Different Way Different Toolsbull Easy Way to use Single Quote in the input

bull Examples bull bull blahrsquo or 1=1mdashbull Loginblahrsquo or 1=1mdashbull bull Passwordblahrsquo or 1=1mdash

http wwwmywebsitecom indexaspid=10

Will be like thishttp wwwmywebsitecomindexaspid=blahrsquo or 1=1--

bull Another examples for single quote usage in SQL Injection bull lsquo or 1=1mdashbull ldquo or 1=1mdashbull lsquo or lsquoarsquo=lsquoabull ldquo or ldquoardquo=ldquoabull lsquo) or (lsquoarsquo=lsquoa)

bull The hacker breaks into the system by injecting malformed SQL into the query because the executed query is formed by the concatenation of a fixed string and values entered by the userbull string strQry = SELECT Count() FROM Users WHERE UserName= + txtUserText + AND

Password= + txtPasswordText +

Top Threats Effect on Database Server

Top Threats Effect on Database Server

bull If the user enter valid username and password the query strQry will be changedLike this SELECT Count() FROM Users WHERE UserName=Paul AND Password=passwordlsquo

bull But The Hacker will not leave weak code Alone and he will enter - Or 1=1 ndash

bull The New Query Will be SELECT Count() FROM Users WHERE UserName= Or 1=1 -- AND Password=

bull 1=1 is always true for every row in the table so assuming there is at least one row in the table this SQL always return nonzero count of records

Top Threats Effect on Database Server

bull Weak Audit Trail

In God I trust For everyone else I keep log files

Performance impacts

Determine what is important to be audited

Top Threats Effect on Database Server

Limited Resource

Which Mechanism Of Audit Trail I should Use

No End-To-End Auditing

Top Threats Effect on Database Server

Application

Top Threats Effect on Database Server

bull Whether database auditing is enabled or disabled Oracle will always audit certain database actions into the OS audit trail There is no way to change this behavior because it is a formal requirement of the security evaluation criteria

Documents Every DBA Should Read

bull NOTE1743401 - Audit SYS User Operations (How to Audit SYSDBA)bull NOTE5532251 - How To Set the AUDIT_SYSLOG_LEVEL Parameter bull NOTE12990331- Master Note For Oracle Database Auditingbull Note 1743401 - Audit SYS User Operationsbull note 11713141 HugeLargeExcessive Number Of Audit Records Are Being Generated In The

Databasebull Note 15097231 - Oracle Database Auditing Performance

Top Threats Effect on Database Server

bull Malwarebull is software designed to infiltrate or damage a computer system without the

owners informed consent The expression is a general term used by computer professionals to mean a variety of forms of hostile intrusive or annoying software or program code

Report From Verizon Data-ldquo69 breaches incorporated malwarerdquo

httpwwwwiredcomimages_blogsthreatlevel201203Verizon-Data-Breach-Report-2012pdf

Top Threats Effect on Database Server

bull Malware includes computer viruses worms trojan horses spyware adware most rootkits and other malicious programs In law malware is sometimes known as a computer contaminant in various legal codes

Top Threats Effect on Database Server

Most Common Ports-

Windows netstat ndashan | findstr ltport numbergtLinux netstat ndashan | grep ltport numbergt

Name Protocol Ports

Back Office UDP 31337 Or 31338Deep Throat UDP 2140 and 3150Net Bus TCP 12345 and 12346Whack-a-mole TCP 12361 and 12362Net Bus 2 Pro TCP 20034Girlfriend TCP 21544Master Paradise TCP 3129 40421 40422

40423 and 40426

Top Threats Effect on Database Server

bull StorageBackup Media Exposure

bull When data is saved to tape you want to be confident that data will be accessible decades from now as well as tomorrow

bull Backup database storage media is often completely unprotected from attack As a result several high profile security breaches have involved theft of database backup tapes and hard disks

bull Always Remember Company Data Means Money to another Person

Top Threats Effect on Database Server

bull Unpatched Database bull Oracle Provide Something Called Critical Patch Updatesbull Critical Patch Updates are collections of security fixes for Oracle products

bull They are released on the Tuesday closest to the 17th day of January April July and October The next four dates arebull 17th day of Januarybull 15 April 2014bull 15 July 2014bull 14 October 2014bull 20 January 2015

httpwwworaclecomtechnetworktopicssecurityalerts-086861html

Top Threats Effect on Database Server

Top Threats Effect on Database Server

bull Another Thing should be follow and Monitored which is bull Security Alerts

bull Oracle will issue Security Alerts for vulnerability fixes deemed too critical to wait for distribution in the next Critical Patch Update

Top Threats Effect on Database Server

bull Unsecure Sensitive Data-

bull Who has access to company data

bull Dose the company meet requirement

bull What Will make the Hacker Rich

bull What Could damage the reputation of the organization

Top Threats Effect on Database Server

bull Limited EducationTrained end users-

bull Humans are the weakest link in the information securitybull The errors committed by the human elements of an organization remain a major contributor to

data loss incidents worldwide

bull What do we want to accomplish by making users aware of security

bull Encourage safe usage habits and discourage unsafe behaviorbull Change user perceptions of information securitybull Inform users about how to recognize and react to potential threatsbull Educate users about information security techniques they can use

Top Threats Effect on Database Server

bull Challenges-bull Delivering a desired message to the end-userbull Motivating users to take a personal interest in information securitybull Giving end user security awareness a higher priority within organizationsbull No Budget in the company for Security Awareness

How to Secure Database

bull What Should I Do to Secure Database bull Set a good password policy

bull No password reusebull Strong passwords

bull Keep up to date with security patchesbull Check Firewall level

bull Trusted Connection Only bull Block Unused Ports

bull Encryptionbull network level

bull SSLbull File Level Such as Backupbull Database Such As Sensitive Data

bull Monitor Databasebull Periodically check for users with database administration privileges

How to Secure Database

bull audit your web applicationsbull Misconfigurations

bull Log as much as possiblebull Failed loginsbull Permissions errors

bull Your Data is your money protect itbull Train IT staff on database securitybull Always Ask For Professional Services

Thanks For LAOUC

OsamaOracle

osamamustafagurussolutionscom

httposamamustafablogspotcom

Osama Mustafa

  • Slide 1
  • Overview
  • Who Am I
  • GoogIe Search
  • Introduction
  • Introduction (2)
  • Introduction (3)
  • Slide 8
  • Slide 9
  • Why Database Security Is Important
  • Why Database Security Is Important (2)
  • Laws about Security
  • How Database are Hacked
  • How Database are Hacked (2)
  • Elements Of Security
  • Triangle of Security
  • What The Hacker Do
  • Attack Oracle-Database Server
  • Top Threats Effect on Database Server
  • Top Threats Effect on Database Server (2)
  • Slide 21
  • Voyager Beta worm
  • Slide 23
  • Slide 24
  • Slide 25
  • Slide 26
  • Slide 27
  • Slide 28
  • Slide 29
  • Slide 30
  • Slide 31
  • Slide 32
  • Slide 33
  • Slide 34
  • Slide 35
  • Slide 36
  • Slide 37
  • Slide 38
  • Slide 39
  • Slide 40
  • Slide 41
  • Slide 42
  • Slide 43
  • Slide 44
  • Slide 45
  • Slide 46
  • Slide 47
  • Slide 48
  • Slide 49
Page 17: Oracle database threats - LAOUC Webinar

What The Hacker Do bull Gather Information

bull Active Directly Such as social engineeringbull Passive Google search Social media

bull Scanning bull use some tools for scan vulnerabilities of the system

bull Gaining Accessbull Penetration Phase continue attacking to explore deeper into the target network

bull Maintaining Accessbull Downloading Phase

bull Clearing Tracks

ldquoThe more the hacker learns about your internal operations means the more likely he will be intrude and exploit So be Securerdquo

Attack Oracle-Database Server

bull Database servers are usually hacked to get the critical informationbull Mistakes made by the web designers can reveal the databases of the

server to the hacker

bull Finding an Oracle database server on network is done using TCP port scanbull Once Oracle Database Server has been discovered First Port of call is

TNS Listener

Top Threats Effect on Database Server

bull Unused Privileges-bull When user are Granted Database access Privileges that exceed requirement

of their job these Privileges can lead to major issue if the user was know what he is doing

bull REVOKE CREATE DATABASE LINK FROM connectbull REVOKE EXECUTE ON utl_tcp FROM publicbull REVOKE EXECUTE ON utl_smtp FROM publicbull REVOKE EXECUTE ON utl_http FROM publicbull REVOKE EXECUTE ON utl_mail FROM publicbull REVOKE EXECUTE ON utl_inaddr FROM publicbull REVOKE EXECUTE ON utl_file FROM publicbull REVOKE EXECUTE ON dbms_java FROm public

Top Threats Effect on Database Server

bull httpsupportoraclecom

bull Review database user privilegesbull Note 10202866 - Script to Create View to Show All User Privs

Note 10502676 - SCRIPT Script to show table privileges for users and rolesNote 10201766 - SCRIPT Script to Generate object privilege GRANTS

bull Revoke privileges from PUBLIC where not necessarybull Note 2470931 - Be Cautious When Revoking Privileges Granted to PUBLIC

Note 2345511 - PUBLIC Is it a User a Role a User Group a Privilege Note 3902251 - Execute Privileges Are Reset For Public After Applying Patchset

bull Weak Authenticationbull Most common Default Password for Database

Username Password

Sys Manager

Sys System

Sys Oracle

System Same as sys

Apps Apps ( EBS User )

scott tiger

Top Threats Effect on Database Server

Oracle Default Password List By Pete Finniganhttpwwwpetefinnigancomdefaultdefault_password_listhtm

Voyager Beta worm

bull On 20-december 2005 an anonymous poster (kwbbwifindnotcom ) posted an variant of the Oracle Voyager Wormbull Read more About this Worm bull httpwwwred-database-securitycomadvisoryoracle_worm_voyagerhtml

bull attacks Oracle servers using default accounts and passwordbull It attempts a TCP connection to TCP Port 1521 Where oracle

connection Service listensbull If Ok Then Tries Series of Username and passwordbull Systemmanager syschange_on_install dbsnmpdbsnmp scotttiger

bull Authenticate Ok It will create table to transfer payload

bull Denial of service (DoS) -bull Common DoS techniques include buffer overflows data corruption network

flooding and resource consumptionbull It is an attack through which a person can render a system unusable or

significantly slow it down for system unusable or significantly slow it down for legitimate users by overloading its resources

bull Attackers maybull Attempt to flood a network thereby preventing legitimate network trafficbull Attempt to disrupt connections between two machines thereby Attempt to disrupt

connections between two machines thereby preventing access to a servicebull Attempt to prevent a particular individual from accessing a servicebull Attempt to disrupt service to a specific system or person

Top Threats Effect on Database Server

bull The Impact-bull Disabled networkbull Disabled organizationbull Financial lossbull Loss of goodwill

bull DoS Attack Classification-bull Smurf - Generates a large amount of ICMP echo (ping)bull Buffer Overflow Attack - The program writes more information into the bufferbull Ping of death - Send IP Packets larger than the 65536 Bytes bull Teardrop - IP Requires that packet that is too large for next Routerbull SYN Attack - Sends bogus TCP SYN requests to a victim server

Top Threats Effect on Database Server

bull Examples DoS Attack Tools -bull Jolt2bull Buboniccbull Land and LaTierrabull Targabull Blast20bull Nemesybull Panther2bull Crazy Pingerbull Some Troublebull UDP Floodbull FSMax

Top Threats Effect on Database Server

Top Threats Effect on Database Server

bull SQL Injectionbull type of security exploit in which the attacker injects Structured Query

Language (SQL) code through a web form input box to gain Structured Query Language (SQL) code through a web form input box to gain access to resources or make changes to databull Programmer use sequential commands with user inputs making it easier for

attackers to inject commandsbull Attacker can do SQL Commands through web applicationbull For Example when a user logs onto a web page by using a user name and

password for validation a SQL query is user name and password for validation a SQL query is usedbull What I Need Any Web Browser

bull What Should I look For in SQL Injection bull HTML method

bull POST you cannot see any parameters in browserbull GET

bull Check HTML Source CodeltForm action=searchasp method=postgt ltinput type=hidden name=X value=ZgtltFormgt

bull Examples bull http wwwmywebsitecom indexaspid=10

Top Threats Effect on Database Server

Top Threats Effect on Database Server

If you get this error then the website is vulnerable to an SQL injection attack

Top Threats Effect on Database Server

• But wait, how can I test for SQL injection?
  • Different ways, different tools
  • The easy way is to use a single quote in the input

• Examples
  • blah' or 1=1--
  • Login: blah' or 1=1--
  • Password: blah' or 1=1--

http://www.mywebsite.com/index.asp?id=10

will become:

http://www.mywebsite.com/index.asp?id=blah' or 1=1--

• More examples of single quote usage in SQL injection
  • ' or 1=1--
  • " or 1=1--
  • ' or 'a'='a
  • " or "a"="a
  • ') or ('a'='a)

• The hacker breaks into the system by injecting malformed SQL into the query, because the executed query is formed by the concatenation of a fixed string and values entered by the user:
  string strQry = "SELECT Count(*) FROM Users WHERE UserName='" + txtUser.Text + "' AND Password='" + txtPassword.Text + "'";

Top Threats Effect on Database Server

• If the user enters a valid username and password, the query strQry becomes: SELECT Count(*) FROM Users WHERE UserName='Paul' AND Password='password'

• But the hacker will not leave weak code alone, and he will enter: ' Or 1=1 --

• The new query will be: SELECT Count(*) FROM Users WHERE UserName='' Or 1=1 --' AND Password=''

• 1=1 is always true for every row in the table, so assuming there is at least one row in the table, this SQL always returns a nonzero count of records
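
The login query from the slides above, as an added example that is not part of the original presentation: the concatenated form is run beside a bind-variable form against the same inputs. Python's sqlite3 stands in for the application database; the function names and sample rows are assumptions made for the example.

```python
import sqlite3


def make_db():
    """In-memory stand-in for the Users table (constructed sample rows)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Users (UserName TEXT PRIMARY KEY, Password TEXT)")
    # Plain-text passwords only mirror the slide's query; real systems store salted hashes.
    conn.executemany("INSERT INTO Users VALUES (?, ?)",
                     [("Paul", "password"), ("Ann", "s3cret")])
    return conn


def build_concatenated_query(user, password):
    """Weak pattern from the slide: a fixed string concatenated with user input."""
    return ("SELECT Count(*) FROM Users WHERE UserName='" + user +
            "' AND Password='" + password + "'")


def login_concatenated(conn, user, password):
    """Runs the concatenated query; the input becomes part of the SQL text."""
    return conn.execute(build_concatenated_query(user, password)).fetchone()[0] > 0


def login_parameterized(conn, user, password):
    """Hardened form: the input is bound as data and never parsed as SQL."""
    row = conn.execute(
        "SELECT Count(*) FROM Users WHERE UserName=? AND Password=?",
        (user, password)).fetchone()
    return row[0] > 0


def outcome(login, conn, user, password):
    """Classify one attempt as accepted, rejected, or a SQL error from the database."""
    try:
        return "accepted" if login(conn, user, password) else "rejected"
    except sqlite3.Error:
        return "sql-error"


if __name__ == "__main__":
    db = make_db()
    attempts = [
        ("Paul", "password"),   # valid credentials
        ("Paul", "wrong"),      # wrong password
        ("' Or 1=1 --", ""),    # the input shown on the slide
        ("'", "x"),             # lone single quote: breaks the concatenated SQL
    ]
    for user, pw in attempts:
        print(repr(user).ljust(16),
              "concatenated:", outcome(login_concatenated, db, user, pw).ljust(10),
              "parameterized:", outcome(login_parameterized, db, user, pw))
```

The lone single quote produces a database error only in the concatenated form, which is why an unexpected SQL error in an application log is worth alerting on.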

Top Threats Effect on Database Server

• Weak Audit Trail

In God I trust. For everyone else, I keep log files.

• Performance impacts
• Determine what is important to be audited
• Limited resources
• Which audit trail mechanism should I use?
• No end-to-end auditing
• Application

Top Threats Effect on Database Server

• Whether database auditing is enabled or disabled, Oracle will always audit certain database actions into the OS audit trail. There is no way to change this behavior because it is a formal requirement of the security evaluation criteria.

Documents Every DBA Should Read

• NOTE:174340.1 - Audit SYS User Operations (How to Audit SYSDBA)
• NOTE:553225.1 - How To Set the AUDIT_SYSLOG_LEVEL Parameter
• NOTE:1299033.1 - Master Note For Oracle Database Auditing
• Note 174340.1 - Audit SYS User Operations
• Note 1171314.1 - Huge/Large/Excessive Number Of Audit Records Are Being Generated In The Database
• Note 1509723.1 - Oracle Database Auditing Performance

Top Threats Effect on Database Server

• Malware
  • Software designed to infiltrate or damage a computer system without the owner's informed consent. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.
  • Malware includes computer viruses, worms, trojan horses, spyware, adware, most rootkits, and other malicious programs. In law, malware is sometimes known as a computer contaminant in various legal codes.

Report from Verizon: "69% of breaches incorporated malware"

http://www.wired.com/images_blogs/threatlevel/2012/03/Verizon-Data-Breach-Report-2012.pdf

Top Threats Effect on Database Server

Most Common Ports

Windows: netstat -an | findstr <port number>
Linux:   netstat -an | grep <port number>

Name             Protocol  Ports
Back Orifice     UDP       31337 or 31338
Deep Throat      UDP       2140 and 3150
Net Bus          TCP       12345 and 12346
Whack-a-mole     TCP       12361 and 12362
Net Bus 2 Pro    TCP       20034
Girlfriend       TCP       21544
Master Paradise  TCP       3129, 40421, 40422, 40423 and 40426
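
The netstat check above, as an added example that is not part of the original presentation: it reads `netstat -an` output in either the Linux or the Windows layout and reports sockets bound to the ports in the table. Unlike a plain grep or findstr, it matches the exact port and protocol and ignores outbound connections; the sample outputs and function names are constructed for the example.

```python
# Ports from the table above, keyed by (protocol, port).
WATCHED_PORTS = {
    ("udp", 31337): "Back Orifice", ("udp", 31338): "Back Orifice",
    ("udp", 2140): "Deep Throat", ("udp", 3150): "Deep Throat",
    ("tcp", 12345): "Net Bus", ("tcp", 12346): "Net Bus",
    ("tcp", 12361): "Whack-a-mole", ("tcp", 12362): "Whack-a-mole",
    ("tcp", 20034): "Net Bus 2 Pro",
    ("tcp", 21544): "Girlfriend",
    ("tcp", 3129): "Master Paradise", ("tcp", 40421): "Master Paradise",
    ("tcp", 40422): "Master Paradise", ("tcp", 40423): "Master Paradise",
    ("tcp", 40426): "Master Paradise",
}


def parse_line(line):
    """Return (proto, local_port, listening) for a socket line, else None."""
    fields = line.split()
    if len(fields) < 3:
        return None
    proto = fields[0].lower()
    if not proto.startswith(("tcp", "udp")):
        return None                      # header or banner line
    proto = proto[:3]                    # tcp6/udp6 -> tcp/udp
    if fields[1].isdigit():              # Linux: Proto Recv-Q Send-Q Local ...
        if len(fields) < 4:
            return None
        local = fields[3]
    else:                                # Windows: Proto Local Foreign State
        local = fields[1]
    port = local.rpartition(":")[2]      # also handles :::1521 and [::]:1521
    if not port.isdigit():
        return None
    listening = any(f.upper() in ("LISTEN", "LISTENING") for f in fields[2:])
    return proto, int(port), listening


def find_suspicious(netstat_output):
    """Sorted (proto, port, name) for TCP listeners and bound UDP sockets on watched ports."""
    hits = set()
    for line in netstat_output.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue
        proto, port, listening = parsed
        if proto == "tcp" and not listening:
            continue                     # skip client connections using an ephemeral port
        name = WATCHED_PORTS.get((proto, port))
        if name:
            hits.add((proto, port, name))
    return sorted(hits)


# Constructed sample output, Linux layout.
SAMPLE_LINUX = """\
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:1521            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:12345           0.0.0.0:*               LISTEN
tcp        0      0 10.0.0.5:40421          10.0.0.9:1521           ESTABLISHED
tcp        0      0 0.0.0.0:21400           0.0.0.0:*               LISTEN
udp        0      0 0.0.0.0:31337           0.0.0.0:*
"""

# Constructed sample output, Windows layout.
SAMPLE_WINDOWS = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:20034          0.0.0.0:0              LISTENING
  TCP    [::]:1521              [::]:0                 LISTENING
  UDP    0.0.0.0:2140           *:*
  UDP    0.0.0.0:12345          *:*
"""

if __name__ == "__main__":
    for label, sample in (("linux", SAMPLE_LINUX), ("windows", SAMPLE_WINDOWS)):
        for proto, port, name in find_suspicious(sample):
            print(label, proto, port, name)
```

A hit is a lead for investigation rather than proof of infection, since any program can bind these ports.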

Top Threats Effect on Database Server

• Storage/Backup Media Exposure

• When data is saved to tape, you want to be confident that data will be accessible decades from now as well as tomorrow.

• Backup database storage media is often completely unprotected from attack. As a result, several high-profile security breaches have involved theft of database backup tapes and hard disks.

• Always remember: company data means money to another person.

Top Threats Effect on Database Server

• Unpatched Database
  • Oracle provides something called Critical Patch Updates
  • Critical Patch Updates are collections of security fixes for Oracle products
  • They are released on the Tuesday closest to the 17th day of January, April, July and October. The next four dates are:
    • 17th day of January
    • 15 April 2014
    • 15 July 2014
    • 14 October 2014
    • 20 January 2015

http://www.oracle.com/technetwork/topics/security/alerts-086861.html

Top Threats Effect on Database Server

• Another thing that should be followed and monitored is Security Alerts
  • Oracle will issue Security Alerts for vulnerability fixes deemed too critical to wait for distribution in the next Critical Patch Update

Top Threats Effect on Database Server

• Unsecure Sensitive Data

• Who has access to company data?

• Does the company meet requirements?

• What will make the hacker rich?

• What could damage the reputation of the organization?

Top Threats Effect on Database Server

• Limited Education/Trained End Users

• Humans are the weakest link in information security
• The errors committed by the human elements of an organization remain a major contributor to data loss incidents worldwide

• What do we want to accomplish by making users aware of security?
  • Encourage safe usage habits and discourage unsafe behavior
  • Change user perceptions of information security
  • Inform users about how to recognize and react to potential threats
  • Educate users about information security techniques they can use

Top Threats Effect on Database Server

• Challenges
  • Delivering a desired message to the end user
  • Motivating users to take a personal interest in information security
  • Giving end-user security awareness a higher priority within organizations
  • No budget in the company for security awareness

How to Secure Database

• What should I do to secure the database?
  • Set a good password policy
    • No password reuse
    • Strong passwords
  • Keep up to date with security patches
  • Check firewall level
    • Trusted connections only
    • Block unused ports
  • Encryption
    • Network level
      • SSL
    • File level, such as backups
    • Database, such as sensitive data
  • Monitor database
    • Periodically check for users with database administration privileges
  • Audit your web applications
    • Misconfigurations
  • Log as much as possible
    • Failed logins
    • Permissions errors
  • Your data is your money, protect it
  • Train IT staff on database security
  • Always ask for professional services

Thanks For LAOUC

OsamaOracle

osamamustafagurussolutionscom

http://osamamustafa.blogspot.com

Osama Mustafa

Page 18: Oracle database threats - LAOUC Webinar

Attack Oracle-Database Server

• Database servers are usually hacked to get the critical information
• Mistakes made by the web designers can reveal the databases of the server to the hacker

• Finding an Oracle database server on the network is done using a TCP port scan
• Once an Oracle database server has been discovered, the first port of call is the TNS Listener

Top Threats Effect on Database Server

• Unused Privileges
  • When users are granted database access privileges that exceed the requirements of their job, these privileges can lead to a major issue if the user knows what he is doing

  • REVOKE CREATE DATABASE LINK FROM connect
  • REVOKE EXECUTE ON utl_tcp FROM public
  • REVOKE EXECUTE ON utl_smtp FROM public
  • REVOKE EXECUTE ON utl_http FROM public
  • REVOKE EXECUTE ON utl_mail FROM public
  • REVOKE EXECUTE ON utl_inaddr FROM public
  • REVOKE EXECUTE ON utl_file FROM public
  • REVOKE EXECUTE ON dbms_java FROM public

Top Threats Effect on Database Server

• http://support.oracle.com

• Review database user privileges
  • Note 1020286.6 - Script to Create View to Show All User Privs
  • Note 1050267.6 - SCRIPT: Script to show table privileges for users and roles
  • Note 1020176.6 - SCRIPT: Script to Generate object privilege GRANTS

• Revoke privileges from PUBLIC where not necessary
  • Note 247093.1 - Be Cautious When Revoking Privileges Granted to PUBLIC
  • Note 234551.1 - PUBLIC: Is it a User, a Role, a User Group, a Privilege?
  • Note 390225.1 - Execute Privileges Are Reset For Public After Applying Patchset

• Weak Authentication
  • Most common default passwords for the database

Username  Password
Sys       Manager
Sys       System
Sys       Oracle
System    Same as sys
Apps      Apps (EBS user)
scott     tiger

Oracle Default Password List by Pete Finnigan: http://www.petefinnigan.com/default/default_password_list.htm

Voyager Beta worm

• On 20 December 2005 an anonymous poster (kwbbwifindnotcom ) posted a variant of the Oracle Voyager Worm
• Read more about this worm:
  • http://www.red-database-security.com/advisory/oracle_worm_voyager.html

• It attacks Oracle servers using default accounts and passwords
• It attempts a TCP connection to TCP port 1521, where the Oracle connection service listens
• If that succeeds, it tries a series of usernames and passwords:
  • system/manager, sys/change_on_install, dbsnmp/dbsnmp, scott/tiger
• If authentication succeeds, it creates a table to transfer the payload

• Denial of service (DoS)
  • Common DoS techniques include buffer overflows, data corruption, network flooding, and resource consumption
  • It is an attack through which a person can render a system unusable, or significantly slow it down for legitimate users, by overloading its resources

• Attackers may:
  • Attempt to flood a network, thereby preventing legitimate network traffic
  • Attempt to disrupt connections between two machines, thereby preventing access to a service
  • Attempt to prevent a particular individual from accessing a service
  • Attempt to disrupt service to a specific system or person

Top Threats Effect on Database Server

• The Impact
  • Disabled network
  • Disabled organization
  • Financial loss
  • Loss of goodwill

Page 20: Oracle database threats - LAOUC Webinar

Top Threats Effect on Database Server

• http://support.oracle.com

• Review database user privileges
  • Note 1020286.6 - Script to Create View to Show All User Privs
  • Note 1050267.6 - SCRIPT: Script to show table privileges for users and roles
  • Note 1020176.6 - SCRIPT: Script to Generate object privilege GRANTS

• Revoke privileges from PUBLIC where not necessary
  • Note 247093.1 - Be Cautious When Revoking Privileges Granted to PUBLIC
  • Note 234551.1 - PUBLIC: Is it a User, a Role, a User Group, a Privilege?
  • Note 390225.1 - Execute Privileges Are Reset For Public After Applying Patchset

• Weak Authentication
  • Most common default passwords for the database

Username    Password
Sys         Manager
Sys         System
Sys         Oracle
System      Same as sys
Apps        Apps (EBS User)
scott       tiger

Top Threats Effect on Database Server

Oracle Default Password List by Pete Finnigan: http://www.petefinnigan.com/default/default_password_list.htm

Voyager Beta worm

• On 20 December 2005 an anonymous poster (kwbbwi@findnot.com) posted a variant of the Oracle Voyager Worm
• Read more about this worm:
  • http://www.red-database-security.com/advisory/oracle_worm_voyager.html
• It attacks Oracle servers using default accounts and passwords
• It attempts a TCP connection to TCP port 1521, where the Oracle connection service listens
• If that succeeds, it tries a series of usernames and passwords:
  • system/manager, sys/change_on_install, dbsnmp/dbsnmp, scott/tiger
• If authentication succeeds, it creates a table to transfer the payload
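A detection example for the login pattern described above, added here and not taken from the presentation or the advisory: it flags a client host that tries several default accounts within a short window and reports which of them logged in. The CSV export, host names, window and threshold are assumptions; the column names follow DBA_AUDIT_TRAIL, where RETURNCODE 0 is a successful logon and 1017 is ORA-01017.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime, timedelta

# Default accounts named on the slides (password table and worm login list).
DEFAULT_ACCOUNTS = {"SYS", "SYSTEM", "DBSNMP", "SCOTT", "APPS"}

# Constructed sample data: a CSV export using DBA_AUDIT_TRAIL column names.
# RETURNCODE 0 = logon succeeded, 1017 = ORA-01017 (invalid username/password).
SAMPLE_AUDIT_CSV = """TIMESTAMP,USERHOST,USERNAME,ACTION_NAME,RETURNCODE
2014-03-01 02:14:05,ws-0412,SYSTEM,LOGON,1017
2014-03-01 02:14:06,ws-0412,SYS,LOGON,1017
2014-03-01 02:14:07,ws-0412,DBSNMP,LOGON,0
2014-03-01 02:14:08,ws-0412,SCOTT,LOGON,1017
2014-03-01 09:00:11,app-01,APPS,LOGON,0
2014-03-01 09:30:42,hr-pc7,SCOTT,LOGON,1017
2014-03-01 11:02:00,hr-pc7,SCOTT,LOGON,0
"""


def load_rows(text):
    """Parse the CSV export into a list of dicts keyed by column name."""
    return list(csv.DictReader(io.StringIO(text)))


def find_default_account_sweeps(rows, window=timedelta(seconds=60), min_accounts=3):
    """Return one finding per host that tried at least min_accounts distinct
    default accounts inside any window-long span of logon attempts."""
    by_host = defaultdict(list)
    for row in rows:
        user = row["USERNAME"].upper()
        if row["ACTION_NAME"] != "LOGON" or user not in DEFAULT_ACCOUNTS:
            continue
        ts = datetime.strptime(row["TIMESTAMP"], "%Y-%m-%d %H:%M:%S")
        by_host[row["USERHOST"]].append((ts, user, int(row["RETURNCODE"])))

    findings = []
    for host, events in by_host.items():
        events.sort()
        best, start = None, 0
        for end in range(len(events)):
            # Slide the window start forward until the span fits.
            while events[end][0] - events[start][0] > window:
                start += 1
            span = events[start:end + 1]
            accounts = sorted({user for _, user, _ in span})
            if len(accounts) >= min_accounts and (
                    best is None or len(accounts) > len(best["accounts"])):
                best = {
                    "host": host,
                    "accounts": accounts,
                    "first": span[0][0],
                    "last": span[-1][0],
                    # Any success inside a sweep calls for an immediate
                    # password check on that account.
                    "succeeded": sorted({u for _, u, rc in span if rc == 0}),
                }
        if best:
            findings.append(best)
    return findings


if __name__ == "__main__":
    for f in find_default_account_sweeps(load_rows(SAMPLE_AUDIT_CSV)):
        print(f["host"], f["accounts"], "succeeded:", f["succeeded"])
```

The single host that walks through four default accounts in three seconds is reported; the application host using APPS and the workstation retrying SCOTT are not.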

• Denial of service (DoS)
  • Common DoS techniques include buffer overflows, data corruption, network flooding and resource consumption
  • It is an attack through which a person can render a system unusable, or significantly slow it down for legitimate users, by overloading its resources

• Attackers may:
  • Attempt to flood a network, thereby preventing legitimate network traffic
  • Attempt to disrupt connections between two machines, thereby preventing access to a service
  • Attempt to prevent a particular individual from accessing a service
  • Attempt to disrupt service to a specific system or person

Top Threats Effect on Database Server

• The Impact
  • Disabled network
  • Disabled organization
  • Financial loss
  • Loss of goodwill

• DoS Attack Classification
  • Smurf - Generates a large amount of ICMP echo (ping)
  • Buffer Overflow Attack - The program writes more information into the buffer
  • Ping of death - Sends IP packets larger than the 65536 bytes
  • Teardrop - IP requires that packet that is too large for next router
  • SYN Attack - Sends bogus TCP SYN requests to a victim server

Top Threats Effect on Database Server

• Examples of DoS attack tools
  • Jolt2
  • Bubonic.c
  • Land and LaTierra
  • Targa
  • Blast20
  • Nemesy
  • Panther2
  • Crazy Pinger
  • Some Trouble
  • UDP Flood
  • FSMax

Top Threats Effect on Database Server

• SQL Injection
  • A type of security exploit in which the attacker injects Structured Query Language (SQL) code through a web form input box to gain access to resources or make changes to data
  • Programmers use sequential commands with user inputs, making it easier for attackers to inject commands
  • The attacker can run SQL commands through the web application
  • For example, when a user logs onto a web page by using a user name and password for validation, a SQL query is used
  • What do I need? Any web browser

• What should I look for in SQL Injection?
  • HTML method
    • POST: you cannot see any parameters in the browser
    • GET
  • Check the HTML source code:
    <Form action=search.asp method=post>
    <input type=hidden name=X value=Z>
    </Form>
  • Examples:
    • http://www.mywebsite.com/index.asp?id=10

Top Threats Effect on Database Server

If you get this error then the website is vulnerable to an SQL injection attack

Top Threats Effect on Database Server

• But wait, how can I test for SQL Injection?
  • Different ways, different tools
  • The easy way is to use a single quote in the input

• Examples:
  • blah' or 1=1--
  • Login: blah' or 1=1--
  • Password: blah' or 1=1--

http://www.mywebsite.com/index.asp?id=10

Will be like this: http://www.mywebsite.com/index.asp?id=blah' or 1=1--

• Other examples of single quote usage in SQL Injection:
  • ' or 1=1--
  • " or 1=1--
  • ' or 'a'='a
  • " or "a"="a
  • ') or ('a'='a)

• The hacker breaks into the system by injecting malformed SQL into the query, because the executed query is formed by the concatenation of a fixed string and values entered by the user:

  string strQry = "SELECT Count(*) FROM Users WHERE UserName='" + txtUser.Text + "' AND Password='" + txtPassword.Text + "'";

Top Threats Effect on Database Server

• If the user enters a valid username and password, the query strQry will look like this:
  SELECT Count(*) FROM Users WHERE UserName='Paul' AND Password='password'

• But the hacker will not leave weak code alone, and he will enter: ' Or 1=1 --

• The new query will be:
  SELECT Count(*) FROM Users WHERE UserName='' Or 1=1 --' AND Password=''

• 1=1 is always true for every row in the table, so assuming there is at least one row in the table, this SQL always returns a nonzero count of records
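The login query from the slides beside its parameterized form, as an added example that is not code from the presentation. Python's built-in sqlite3 stands in for the database; the Users table, its single row and the function names are assumptions.

```python
import sqlite3


def make_db():
    """In-memory stand-in for the application's Users table (constructed row).
    The plaintext password column mirrors the slide's query, nothing more."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Users (UserName TEXT, Password TEXT)")
    conn.execute("INSERT INTO Users VALUES ('Paul', 'password')")
    return conn


def login_concatenated(conn, user, password):
    """Vulnerable: builds the statement the same way as strQry."""
    qry = ("SELECT Count(*) FROM Users WHERE UserName='" + user +
           "' AND Password='" + password + "'")
    return conn.execute(qry).fetchone()[0] > 0


def login_bound(conn, user, password):
    """Hardened: the statement text is fixed; input is passed as bind values."""
    qry = "SELECT Count(*) FROM Users WHERE UserName=? AND Password=?"
    return conn.execute(qry, (user, password)).fetchone()[0] > 0


def compare(user, password):
    """Run both variants on one input; report True/False or the SQL error."""
    conn = make_db()
    results = {}
    for name, fn in (("concatenated", login_concatenated),
                     ("bound", login_bound)):
        try:
            results[name] = fn(conn, user, password)
        except sqlite3.Error as exc:
            results[name] = "error: " + type(exc).__name__
    return results


if __name__ == "__main__":
    cases = [
        ("Paul", "password"),   # valid credentials
        ("Paul", "wrong"),      # wrong password
        ("' Or 1=1 --", ""),    # input from the slide
        ("O'Brien", "x"),       # legitimate name containing a quote
    ]
    for user, password in cases:
        print(repr(user), compare(user, password))
```

The syntax error raised for O'Brien in the concatenated variant is the symptom the single-quote test on the slides looks for; with bind values the same input is just a name that does not match.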

Top Threats Effect on Database Server

bull Weak Audit Trail

“In God I trust. For everyone else, I keep log files.”

Performance impacts

Determine what is important to be audited

Top Threats Effect on Database Server

Limited Resource

Which audit trail mechanism should I use?

No End-To-End Auditing

Top Threats Effect on Database Server

Application

Top Threats Effect on Database Server

• Whether database auditing is enabled or disabled, Oracle will always audit certain database actions into the OS audit trail. There is no way to change this behavior, because it is a formal requirement of the security evaluation criteria.

Documents Every DBA Should Read

• Note 174340.1 - Audit SYS User Operations (How to Audit SYSDBA)
• Note 553225.1 - How To Set the AUDIT_SYSLOG_LEVEL Parameter
• Note 1299033.1 - Master Note For Oracle Database Auditing
• Note 1171314.1 - Huge/Large/Excessive Number Of Audit Records Are Being Generated In The Database
• Note 1509723.1 - Oracle Database Auditing Performance

Top Threats Effect on Database Server

• Malware
  • Software designed to infiltrate or damage a computer system without the owner's informed consent. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.

Report from Verizon Data: “69% of breaches incorporated malware”

http://www.wired.com/images_blogs/threatlevel/2012/03/Verizon-Data-Breach-Report-2012.pdf

Top Threats Effect on Database Server

• Malware includes computer viruses, worms, trojan horses, spyware, adware, most rootkits, and other malicious programs. In law, malware is sometimes known as a computer contaminant in various legal codes.

Top Threats Effect on Database Server

Most Common Ports

Windows: netstat -an | findstr <port number>
Linux:   netstat -an | grep <port number>

Name              Protocol   Ports
Back Office       UDP        31337 or 31338
Deep Throat       UDP        2140 and 3150
Net Bus           TCP        12345 and 12346
Whack-a-mole      TCP        12361 and 12362
Net Bus 2 Pro     TCP        20034
Girlfriend        TCP        21544
Master Paradise   TCP        3129, 40421, 40422, 40423 and 40426
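An added example (not from the presentation) that checks netstat -an output against the table above more strictly than findstr or grep: it matches the local port and protocol of listening sockets only. The sample output is constructed and mixes the Linux and Windows layouts; a hit is a lead to investigate, since any program can bind these ports.

```python
# (protocol, port) -> name, transcribed from the table on the slide.
SLIDE_PORTS = {
    ("udp", 31337): "Back Office", ("udp", 31338): "Back Office",
    ("udp", 2140): "Deep Throat", ("udp", 3150): "Deep Throat",
    ("tcp", 12345): "Net Bus", ("tcp", 12346): "Net Bus",
    ("tcp", 12361): "Whack-a-mole", ("tcp", 12362): "Whack-a-mole",
    ("tcp", 20034): "Net Bus 2 Pro",
    ("tcp", 21544): "Girlfriend",
    ("tcp", 3129): "Master Paradise", ("tcp", 40421): "Master Paradise",
    ("tcp", 40422): "Master Paradise", ("tcp", 40423): "Master Paradise",
    ("tcp", 40426): "Master Paradise",
}

# Constructed sample: Linux-style lines first, then two Windows-style lines.
# Lines 3, 4 and 6 of the socket list would each match a plain grep for a
# table port (substring, remote port, inode number) but are not hits.
SAMPLE_NETSTAT = """\
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:1521            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:12345           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:31290           0.0.0.0:*               LISTEN
tcp        0      0 10.0.0.5:40312          10.0.0.9:12345          ESTABLISHED
udp        0      0 0.0.0.0:2140            0.0.0.0:*
unix  2      [ ACC ]     STREAM     LISTENING     21544    /run/example.sock
  TCP    0.0.0.0:20034          0.0.0.0:0              LISTENING
  UDP    0.0.0.0:3150           *:*
"""


def listening_sockets(netstat_output):
    """Yield (protocol, local_port, local_address) for listening TCP sockets
    and bound UDP sockets, accepting Linux and Windows column layouts."""
    for line in netstat_output.splitlines():
        tok = line.split()
        if not tok or not tok[0].lower().startswith(("tcp", "udp")):
            continue  # headers, unix sockets, blank lines
        proto = tok[0].lower()[:3]  # tcp6/udp6 fold into tcp/udp
        # Linux prints Recv-Q and Send-Q before the addresses; Windows does not.
        fields = tok[3:] if len(tok) > 2 and tok[1].isdigit() else tok[1:]
        if len(fields) < 2:
            continue
        local = fields[0]
        state = fields[2].upper() if len(fields) > 2 else ""
        if proto == "tcp" and not state.startswith("LISTEN"):
            continue  # established or closing connections
        if proto == "udp" and state:
            continue  # connected UDP socket, not a listener
        port = local.rsplit(":", 1)[-1]
        if port.isdigit():
            yield proto, int(port), local


def check_slide_ports(netstat_output):
    """Return (name, protocol, port, local_address) for each listening
    socket whose protocol and port appear in the slide's table."""
    hits = []
    for proto, port, local in listening_sockets(netstat_output):
        name = SLIDE_PORTS.get((proto, port))
        if name:
            hits.append((name, proto, port, local))
    return hits


if __name__ == "__main__":
    for hit in check_slide_ports(SAMPLE_NETSTAT):
        print(hit)
```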

Top Threats Effect on Database Server

• Storage/Backup Media Exposure

• When data is saved to tape, you want to be confident that the data will be accessible decades from now, as well as tomorrow

• Backup database storage media is often completely unprotected from attack. As a result, several high-profile security breaches have involved theft of database backup tapes and hard disks

• Always remember: company data means money to another person

Top Threats Effect on Database Server

• Unpatched Database
  • Oracle provides something called Critical Patch Updates
  • Critical Patch Updates are collections of security fixes for Oracle products
  • They are released on the Tuesday closest to the 17th day of January, April, July and October. The next four dates are:
    • 17th day of January
    • 15 April 2014
    • 15 July 2014
    • 14 October 2014
    • 20 January 2015

http://www.oracle.com/technetwork/topics/security/alerts-086861.html

Top Threats Effect on Database Server

• Another thing that should be followed and monitored:
  • Security Alerts
  • Oracle will issue Security Alerts for vulnerability fixes deemed too critical to wait for distribution in the next Critical Patch Update

Top Threats Effect on Database Server

• Unsecure Sensitive Data

• Who has access to company data?

• Does the company meet requirements?

• What will make the hacker rich?

• What could damage the reputation of the organization?

Top Threats Effect on Database Server

• Limited Education/Trained End Users
  • Humans are the weakest link in information security
  • The errors committed by the human elements of an organization remain a major contributor to data loss incidents worldwide

• What do we want to accomplish by making users aware of security?
  • Encourage safe usage habits and discourage unsafe behavior
  • Change user perceptions of information security
  • Inform users about how to recognize and react to potential threats
  • Educate users about information security techniques they can use

Top Threats Effect on Database Server

• Challenges
  • Delivering a desired message to the end user
  • Motivating users to take a personal interest in information security
  • Giving end-user security awareness a higher priority within organizations
  • No budget in the company for security awareness

How to Secure Database

• What should I do to secure the database?
  • Set a good password policy
    • No password reuse
    • Strong passwords
  • Keep up to date with security patches
  • Check firewall level
    • Trusted connections only
    • Block unused ports
  • Encryption
    • Network level
      • SSL
    • File level, such as backups
    • Database, such as sensitive data
  • Monitor the database
    • Periodically check for users with database administration privileges

How to Secure Database

• Audit your web applications
  • Misconfigurations
• Log as much as possible
  • Failed logins
  • Permissions errors
• Your data is your money: protect it
• Train IT staff on database security
• Always ask for professional services

Thanks For LAOUC

OsamaOracle

osamamustafagurussolutionscom

http://osamamustafa.blogspot.com

Osama Mustafa

Page 22: Oracle database threats - LAOUC Webinar

Voyager Beta worm

bull On 20-december 2005 an anonymous poster (kwbbwifindnotcom ) posted an variant of the Oracle Voyager Wormbull Read more About this Worm bull httpwwwred-database-securitycomadvisoryoracle_worm_voyagerhtml

bull attacks Oracle servers using default accounts and passwordbull It attempts a TCP connection to TCP Port 1521 Where oracle

connection Service listensbull If Ok Then Tries Series of Username and passwordbull Systemmanager syschange_on_install dbsnmpdbsnmp scotttiger

bull Authenticate Ok It will create table to transfer payload

bull Denial of service (DoS) -bull Common DoS techniques include buffer overflows data corruption network

flooding and resource consumptionbull It is an attack through which a person can render a system unusable or

significantly slow it down for system unusable or significantly slow it down for legitimate users by overloading its resources

bull Attackers maybull Attempt to flood a network thereby preventing legitimate network trafficbull Attempt to disrupt connections between two machines thereby Attempt to disrupt

connections between two machines thereby preventing access to a servicebull Attempt to prevent a particular individual from accessing a servicebull Attempt to disrupt service to a specific system or person

Top Threats Effect on Database Server

bull The Impact-bull Disabled networkbull Disabled organizationbull Financial lossbull Loss of goodwill

bull DoS Attack Classification-bull Smurf - Generates a large amount of ICMP echo (ping)bull Buffer Overflow Attack - The program writes more information into the bufferbull Ping of death - Send IP Packets larger than the 65536 Bytes bull Teardrop - IP Requires that packet that is too large for next Routerbull SYN Attack - Sends bogus TCP SYN requests to a victim server

Top Threats Effect on Database Server

bull Examples DoS Attack Tools -bull Jolt2bull Buboniccbull Land and LaTierrabull Targabull Blast20bull Nemesybull Panther2bull Crazy Pingerbull Some Troublebull UDP Floodbull FSMax

Top Threats Effect on Database Server

Top Threats Effect on Database Server

bull SQL Injectionbull type of security exploit in which the attacker injects Structured Query

Language (SQL) code through a web form input box to gain Structured Query Language (SQL) code through a web form input box to gain access to resources or make changes to databull Programmer use sequential commands with user inputs making it easier for

attackers to inject commandsbull Attacker can do SQL Commands through web applicationbull For Example when a user logs onto a web page by using a user name and

password for validation a SQL query is user name and password for validation a SQL query is usedbull What I Need Any Web Browser

bull What Should I look For in SQL Injection bull HTML method

bull POST you cannot see any parameters in browserbull GET

bull Check HTML Source CodeltForm action=searchasp method=postgt ltinput type=hidden name=X value=ZgtltFormgt

bull Examples bull http wwwmywebsitecom indexaspid=10

Top Threats Effect on Database Server

Top Threats Effect on Database Server

If you get this error then the website is vulnerable to an SQL injection attack

Top Threats Effect on Database Server

bull But Wait How Can I Test SQL Injection bull Different Way Different Toolsbull Easy Way to use Single Quote in the input

bull Examples bull bull blahrsquo or 1=1mdashbull Loginblahrsquo or 1=1mdashbull bull Passwordblahrsquo or 1=1mdash

http wwwmywebsitecom indexaspid=10

Will be like thishttp wwwmywebsitecomindexaspid=blahrsquo or 1=1--

bull Another examples for single quote usage in SQL Injection bull lsquo or 1=1mdashbull ldquo or 1=1mdashbull lsquo or lsquoarsquo=lsquoabull ldquo or ldquoardquo=ldquoabull lsquo) or (lsquoarsquo=lsquoa)

bull The hacker breaks into the system by injecting malformed SQL into the query because the executed query is formed by the concatenation of a fixed string and values entered by the userbull string strQry = SELECT Count() FROM Users WHERE UserName= + txtUserText + AND

Password= + txtPasswordText +

Top Threats Effect on Database Server

Top Threats Effect on Database Server

bull If the user enter valid username and password the query strQry will be changedLike this SELECT Count() FROM Users WHERE UserName=Paul AND Password=passwordlsquo

bull But The Hacker will not leave weak code Alone and he will enter - Or 1=1 ndash

bull The New Query Will be SELECT Count() FROM Users WHERE UserName= Or 1=1 -- AND Password=

bull 1=1 is always true for every row in the table so assuming there is at least one row in the table this SQL always return nonzero count of records

Top Threats Effect on Database Server

bull Weak Audit Trail

In God I trust For everyone else I keep log files

Performance impacts

Determine what is important to be audited

Top Threats Effect on Database Server

Limited Resource

Which Mechanism Of Audit Trail I should Use

No End-To-End Auditing

Top Threats Effect on Database Server

Application

Top Threats Effect on Database Server

bull Whether database auditing is enabled or disabled Oracle will always audit certain database actions into the OS audit trail There is no way to change this behavior because it is a formal requirement of the security evaluation criteria

Documents Every DBA Should Read

bull NOTE1743401 - Audit SYS User Operations (How to Audit SYSDBA)bull NOTE5532251 - How To Set the AUDIT_SYSLOG_LEVEL Parameter bull NOTE12990331- Master Note For Oracle Database Auditingbull Note 1743401 - Audit SYS User Operationsbull note 11713141 HugeLargeExcessive Number Of Audit Records Are Being Generated In The

Databasebull Note 15097231 - Oracle Database Auditing Performance

Top Threats Effect on Database Server

bull Malwarebull is software designed to infiltrate or damage a computer system without the

owners informed consent The expression is a general term used by computer professionals to mean a variety of forms of hostile intrusive or annoying software or program code

Report From Verizon Data-ldquo69 breaches incorporated malwarerdquo

httpwwwwiredcomimages_blogsthreatlevel201203Verizon-Data-Breach-Report-2012pdf

Top Threats Effect on Database Server

bull Malware includes computer viruses worms trojan horses spyware adware most rootkits and other malicious programs In law malware is sometimes known as a computer contaminant in various legal codes

Top Threats Effect on Database Server

Most Common Ports-

Windows netstat ndashan | findstr ltport numbergtLinux netstat ndashan | grep ltport numbergt

Name Protocol Ports

Back Office UDP 31337 Or 31338Deep Throat UDP 2140 and 3150Net Bus TCP 12345 and 12346Whack-a-mole TCP 12361 and 12362Net Bus 2 Pro TCP 20034Girlfriend TCP 21544Master Paradise TCP 3129 40421 40422

40423 and 40426

Top Threats Effect on Database Server

bull StorageBackup Media Exposure

bull When data is saved to tape you want to be confident that data will be accessible decades from now as well as tomorrow

bull Backup database storage media is often completely unprotected from attack As a result several high profile security breaches have involved theft of database backup tapes and hard disks

bull Always Remember Company Data Means Money to another Person

Top Threats Effect on Database Server

bull Unpatched Database bull Oracle Provide Something Called Critical Patch Updatesbull Critical Patch Updates are collections of security fixes for Oracle products

bull They are released on the Tuesday closest to the 17th day of January April July and October The next four dates arebull 17th day of Januarybull 15 April 2014bull 15 July 2014bull 14 October 2014bull 20 January 2015

httpwwworaclecomtechnetworktopicssecurityalerts-086861html

Top Threats Effect on Database Server

Top Threats Effect on Database Server

bull Another Thing should be follow and Monitored which is bull Security Alerts

bull Oracle will issue Security Alerts for vulnerability fixes deemed too critical to wait for distribution in the next Critical Patch Update

Top Threats Effect on Database Server

bull Unsecure Sensitive Data-

bull Who has access to company data

bull Dose the company meet requirement

bull What Will make the Hacker Rich

bull What Could damage the reputation of the organization

Top Threats Effect on Database Server

• Limited Education/Trained End Users
  • Humans are the weakest link in information security.
  • The errors committed by the human elements of an organization remain a major contributor to data loss incidents worldwide.

• What do we want to accomplish by making users aware of security?
  • Encourage safe usage habits and discourage unsafe behavior
  • Change user perceptions of information security
  • Inform users about how to recognize and react to potential threats
  • Educate users about information security techniques they can use

Top Threats Effect on Database Server

• Challenges
  • Delivering a desired message to the end user
  • Motivating users to take a personal interest in information security
  • Giving end-user security awareness a higher priority within organizations
  • No budget in the company for security awareness

How to Secure Database

• What should I do to secure the database?
  • Set a good password policy
    • No password reuse
    • Strong passwords
  • Keep up to date with security patches
  • Check firewall level
    • Trusted connections only
    • Block unused ports
  • Encryption
    • Network level
      • SSL
    • File level, such as backups
    • Database, such as sensitive data
  • Monitor the database
  • Periodically check for users with database administration privileges

How to Secure Database

• Audit your web applications
  • Misconfigurations
• Log as much as possible
  • Failed logins
  • Permissions errors
• Your data is your money; protect it
• Train IT staff on database security
• Always ask for professional services

Thanks For LAOUC

OsamaOracle

osamamustafagurussolutionscom

http://osamamustafa.blogspot.com

Osama Mustafa


• Denial of service (DoS)
  • Common DoS techniques include buffer overflows, data corruption, network flooding, and resource consumption.
  • It is an attack through which a person can render a system unusable, or significantly slow it down for legitimate users, by overloading its resources.

• Attackers may:
  • Attempt to flood a network, thereby preventing legitimate network traffic
  • Attempt to disrupt connections between two machines, thereby preventing access to a service
  • Attempt to prevent a particular individual from accessing a service
  • Attempt to disrupt service to a specific system or person

Top Threats Effect on Database Server

• The impact:
  • Disabled network
  • Disabled organization
  • Financial loss
  • Loss of goodwill

• DoS attack classification:
  • Smurf - Generates a large amount of ICMP echo (ping)
  • Buffer Overflow Attack - The program writes more information into the buffer
  • Ping of death - Sends IP packets larger than the 65536 bytes
  • Teardrop - IP requires that packet that is too large for next router
  • SYN Attack - Sends bogus TCP SYN requests to a victim server

Top Threats Effect on Database Server

• Examples of DoS attack tools:
  • Jolt2
  • Bubonic.c
  • Land and LaTierra
  • Targa
  • Blast20
  • Nemesy
  • Panther2
  • Crazy Pinger
  • Some Trouble
  • UDP Flood
  • FSMax

Top Threats Effect on Database Server

• SQL Injection
  • A type of security exploit in which the attacker injects Structured Query Language (SQL) code through a web form input box to gain access to resources or make changes to data.
  • Programmers use sequential commands with user inputs, making it easier for attackers to inject commands.
  • An attacker can run SQL commands through the web application.
  • For example, when a user logs onto a web page by using a user name and password for validation, a SQL query is used.
  • What do I need? Any web browser.

• What should I look for in SQL injection?
  • HTML method
    • POST: you cannot see any parameters in the browser
    • GET
  • Check the HTML source code:
    <Form action=search.asp method=post> <input type=hidden name=X value=Z> </Form>
  • Example:
    http://www.mywebsite.com/index.asp?id=10

Top Threats Effect on Database Server

If you get this error then the website is vulnerable to an SQL injection attack

Top Threats Effect on Database Server

• But wait, how can I test for SQL injection?
  • Different ways, different tools
  • The easy way is to use a single quote in the input
• Examples:
  • blah' or 1=1--
  • Login:blah' or 1=1--
  • Password:blah' or 1=1--

http://www.mywebsite.com/index.asp?id=10

will become:

http://www.mywebsite.com/index.asp?id=blah' or 1=1--

• Other examples of single-quote usage in SQL injection:
  • ' or 1=1--
  • " or 1=1--
  • ' or 'a'='a
  • " or "a"="a
  • ') or ('a'='a)

• The hacker breaks into the system by injecting malformed SQL into the query, because the executed query is formed by the concatenation of a fixed string and values entered by the user:
  string strQry = "SELECT Count(*) FROM Users WHERE UserName='" + txtUser.Text + "' AND Password='" + txtPassword.Text + "'";

Top Threats Effect on Database Server

• If the user enters a valid username and password, the query strQry becomes:
  SELECT Count(*) FROM Users WHERE UserName='Paul' AND Password='password'
• But the hacker will not leave weak code alone, and will enter:
  ' Or 1=1 --
• The new query will be:
  SELECT Count(*) FROM Users WHERE UserName='' Or 1=1 --' AND Password=''
• 1=1 is always true for every row in the table, so assuming there is at least one row in the table, this SQL always returns a nonzero count of records.
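The login query from the slides, as an added example that is not part of the original presentation: the concatenated form beside a parameterized one, using Python's sqlite3 with an in-memory database as a stand-in for the web application's stack. The function names are assumptions; the Users table, the Paul/password account and the `' Or 1=1 --` input are the ones shown on the slides.

```python
import sqlite3


def make_db():
    """Build an in-memory Users table holding the slide's sample account."""
    conn = sqlite3.connect(":memory:")
    # The plaintext Password column mirrors the slide's query; a real system
    # stores a salted password hash instead.
    conn.execute("CREATE TABLE Users (UserName TEXT, Password TEXT)")
    conn.execute("INSERT INTO Users VALUES ('Paul', 'password')")
    return conn


def build_concatenated_query(user, password):
    """Same construction as strQry: fixed string + user input."""
    return ("SELECT Count(*) FROM Users WHERE UserName='" + user +
            "' AND Password='" + password + "'")


def login_concatenated(conn, user, password):
    """Weak form: the input becomes part of the SQL text."""
    (count,) = conn.execute(build_concatenated_query(user, password)).fetchone()
    return count > 0


def login_parameterized(conn, user, password):
    """Hardened form: the SQL text is constant and the input is bound as data."""
    (count,) = conn.execute(
        "SELECT Count(*) FROM Users WHERE UserName=? AND Password=?",
        (user, password),
    ).fetchone()
    return count > 0


def try_login(login_fn, conn, user, password):
    """Run a login function and report a SQL syntax error instead of raising."""
    try:
        return login_fn(conn, user, password)
    except sqlite3.OperationalError as exc:
        return "sql error: " + str(exc)


if __name__ == "__main__":
    conn = make_db()
    slide_input = "' Or 1=1 --"

    print("query built from the slide's input:")
    print("  " + build_concatenated_query(slide_input, ""))

    # Concatenated: the quote closes the string and '--' comments out the
    # password check, so the count is nonzero without any valid credentials.
    print("concatenated :", login_concatenated(conn, slide_input, ""))

    # Parameterized: the same input is compared as a literal user name.
    print("parameterized:", login_parameterized(conn, slide_input, ""))

    # A name containing a single quote breaks the concatenated query (the
    # error the single-quote test looks for) but is ordinary data when bound.
    print("O'Brien, concatenated :", try_login(login_concatenated, conn, "O'Brien", "x"))
    print("O'Brien, parameterized:", try_login(login_parameterized, conn, "O'Brien", "x"))
```

The single-quote error and the login bypass share one root cause, so binding parameters removes both; filtering quotes out of the input would only hide the error.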

Top Threats Effect on Database Server

• Weak Audit Trail

"In God I trust. For everyone else, I keep log files."

• Performance impacts
• Determine what is important to be audited

Top Threats Effect on Database Server

• Limited resources
• Which audit trail mechanism should I use?
• No end-to-end auditing

Top Threats Effect on Database Server

Application

Top Threats Effect on Database Server

• Whether database auditing is enabled or disabled, Oracle will always audit certain database actions into the OS audit trail. There is no way to change this behavior because it is a formal requirement of the security evaluation criteria.

Documents Every DBA Should Read

• NOTE:174340.1 - Audit SYS User Operations (How to Audit SYSDBA)
• NOTE:553225.1 - How To Set the AUDIT_SYSLOG_LEVEL Parameter
• NOTE:1299033.1 - Master Note For Oracle Database Auditing
• Note 174340.1 - Audit SYS User Operations
• Note 1171314.1 - Huge/Large/Excessive Number Of Audit Records Are Being Generated In The Database
• Note 1509723.1 - Oracle Database Auditing Performance

Top Threats Effect on Database Server

• Malware
  • Software designed to infiltrate or damage a computer system without the owner's informed consent. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.

Report from Verizon Data: “69% breaches incorporated malware”

http://www.wired.com/images_blogs/threatlevel/2012/03/Verizon-Data-Breach-Report-2012.pdf




Top Threats Effect on Database Server

• SQL Injection
  • A type of security exploit in which the attacker injects Structured Query Language (SQL) code through a web form input box to gain access to resources or make changes to data
  • Programmers use sequential commands with user inputs, making it easier for attackers to inject commands
  • An attacker can run SQL commands through the web application
  • For example, when a user logs onto a web page by using a user name and password for validation, a SQL query is used
  • What I need: any web browser

• What should I look for in SQL injection?
  • HTML method
    • POST: you cannot see any parameters in the browser
    • GET
  • Check the HTML source code:
    <Form action=search.asp method=post> <input type=hidden name=X value=Z> </Form>
  • Examples:
    • http://www.mywebsite.com/index.asp?id=10

If you get this error then the website is vulnerable to an SQL injection attack

• But wait, how can I test for SQL injection?
  • Different ways, different tools
  • The easy way is to use a single quote in the input
  • Examples:
    • blah' or 1=1--
    • Login: blah' or 1=1--
    • Password: blah' or 1=1--

http://www.mywebsite.com/index.asp?id=10

will be like this:

http://www.mywebsite.com/index.asp?id=blah' or 1=1--

• Other examples of single quote usage in SQL injection:
  • ' or 1=1--
  • " or 1=1--
  • ' or 'a'='a
  • " or "a"="a
  • ') or ('a'='a)

• The hacker breaks into the system by injecting malformed SQL into the query, because the executed query is formed by the concatenation of a fixed string and values entered by the user:

  string strQry = "SELECT Count(*) FROM Users WHERE UserName='" + txtUser.Text + "' AND Password='" + txtPassword.Text + "'";

• If the user enters a valid user name and password, the query strQry becomes:

  SELECT Count(*) FROM Users WHERE UserName='Paul' AND Password='password'

• But the hacker will not leave weak code alone, and will enter: ' Or 1=1 --

• The new query will be:

  SELECT Count(*) FROM Users WHERE UserName='' Or 1=1 --' AND Password=''

• 1=1 is always true for every row in the table, so assuming there is at least one row in the table, this SQL always returns a nonzero count of records
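The login query from the slides, shown next to its fix with bind parameters. This is an added example, not code from the presentation. It assumes an in-memory SQLite table standing in for the Oracle Users table, and the function names are hypothetical.

```python
import sqlite3


def make_db():
    """Constructed stand-in for the Users table queried on the slides."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE Users (UserName TEXT PRIMARY KEY, Password TEXT)")
    # Plaintext passwords only mirror the slide's query; real systems store salted hashes.
    db.executemany("INSERT INTO Users VALUES (?, ?)",
                   [("Paul", "password"), ("Maria", "s3cret")])
    return db


def login_concat(db, user, password):
    """Vulnerable form: the statement is built by concatenation, like strQry."""
    qry = ("SELECT Count(*) FROM Users WHERE UserName='" + user +
           "' AND Password='" + password + "'")
    return db.execute(qry).fetchone()[0], qry


def login_bound(db, user, password):
    """Hardened form: the statement text is fixed and the values are bound.

    The driver passes user and password as data, so quotes and comment
    markers in them never become part of the SQL grammar.
    """
    qry = "SELECT Count(*) FROM Users WHERE UserName=? AND Password=?"
    return db.execute(qry, (user, password)).fetchone()[0]


def probe_single_quote(db):
    """The slides' single-quote check against both forms.

    A lone quote unbalances the concatenated statement, so the database
    reports a syntax error. The bound form treats it as an ordinary
    (non-matching) user name and returns a count of 0.
    """
    try:
        login_concat(db, "'", "x")
        concat_error = None
    except sqlite3.OperationalError as exc:
        concat_error = str(exc)
    return concat_error, login_bound(db, "'", "x")


if __name__ == "__main__":
    db = make_db()
    print("valid login, concatenated:", login_concat(db, "Paul", "password")[0])

    count, qry = login_concat(db, "' Or 1=1 --", "")
    print("executed statement       :", qry)
    print("rows counted             :", count)

    print("same input, bound        :", login_bound(db, "' Or 1=1 --", ""))
    print("single-quote probe       :", probe_single_quote(db))
```

The bound form still answers the legitimate login correctly, so the fix changes how the statement is built, not what it checks.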

• Weak Audit Trail
  • "In God I trust. For everyone else I keep log files."
  • Performance impacts
  • Determine what is important to be audited
  • Limited resources
  • Which audit trail mechanism should I use?
  • No end-to-end auditing
  • Application

• Whether database auditing is enabled or disabled, Oracle will always audit certain database actions into the OS audit trail. There is no way to change this behavior because it is a formal requirement of the security evaluation criteria.

Documents Every DBA Should Read

• NOTE:174340.1 - Audit SYS User Operations (How to Audit SYSDBA)
• NOTE:553225.1 - How To Set the AUDIT_SYSLOG_LEVEL Parameter
• NOTE:1299033.1 - Master Note For Oracle Database Auditing
• Note 174340.1 - Audit SYS User Operations
• Note 1171314.1 - Huge/Large/Excessive Number Of Audit Records Are Being Generated In The Database
• Note 1509723.1 - Oracle Database Auditing Performance

• Malware
  • Software designed to infiltrate or damage a computer system without the owner's informed consent. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.

Report from Verizon Data: "69% breaches incorporated malware"

http://www.wired.com/images_blogs/threatlevel/2012/03/Verizon-Data-Breach-Report-2012.pdf

• Malware includes computer viruses, worms, trojan horses, spyware, adware, most rootkits, and other malicious programs. In law, malware is sometimes known as a computer contaminant in various legal codes.

Most Common Ports

Windows: netstat -an | findstr <port number>
Linux:   netstat -an | grep <port number>

Name             Protocol  Ports
Back Orifice     UDP       31337 or 31338
Deep Throat      UDP       2140 and 3150
Net Bus          TCP       12345 and 12346
Whack-a-mole     TCP       12361 and 12362
Net Bus 2 Pro    TCP       20034
Girlfriend       TCP       21544
Master Paradise  TCP       3129, 40421, 40422, 40423 and 40426

• Storage/Backup Media Exposure
  • When data is saved to tape, you want to be confident that the data will be accessible decades from now, as well as tomorrow
  • Backup database storage media is often completely unprotected from attack. As a result, several high-profile security breaches have involved theft of database backup tapes and hard disks
  • Always remember: company data means money to another person

• Unpatched Database
  • Oracle provides something called Critical Patch Updates
  • Critical Patch Updates are collections of security fixes for Oracle products
  • They are released on the Tuesday closest to the 17th day of January, April, July and October. The next four dates are:
    • 17th day of January
    • 15 April 2014
    • 15 July 2014
    • 14 October 2014
    • 20 January 2015

http://www.oracle.com/technetwork/topics/security/alerts-086861.html

• Another thing that should be followed and monitored is Security Alerts
  • Oracle will issue Security Alerts for vulnerability fixes deemed too critical to wait for distribution in the next Critical Patch Update

• Unsecured Sensitive Data
  • Who has access to company data?
  • Does the company meet requirements?
  • What will make the hacker rich?
  • What could damage the reputation of the organization?

• Limited Education/Trained End Users
  • Humans are the weakest link in information security
  • The errors committed by the human elements of an organization remain a major contributor to data loss incidents worldwide

• What do we want to accomplish by making users aware of security?
  • Encourage safe usage habits and discourage unsafe behavior
  • Change user perceptions of information security
  • Inform users about how to recognize and react to potential threats
  • Educate users about information security techniques they can use

• Challenges
  • Delivering a desired message to the end user
  • Motivating users to take a personal interest in information security
  • Giving end-user security awareness a higher priority within organizations
  • No budget in the company for security awareness

How to Secure Database

• What should I do to secure the database?
  • Set a good password policy
    • No password reuse
    • Strong passwords
  • Keep up to date with security patches
  • Check firewall level
    • Trusted connections only
    • Block unused ports
  • Encryption
    • Network level
      • SSL
    • File level, such as backups
    • Database, such as sensitive data
  • Monitor the database
  • Periodically check for users with database administration privileges
  • Audit your web applications
    • Misconfigurations
  • Log as much as possible
    • Failed logins
    • Permissions errors
  • Your data is your money; protect it
  • Train IT staff on database security
  • Always ask for professional services

Thanks For LAOUC

OsamaOracle

osamamustafagurussolutionscom

http://osamamustafa.blogspot.com

Osama Mustafa

Page 30: Oracle database threats - LAOUC Webinar

• Other examples of single-quote usage in SQL injection:
  • ' or 1=1--
  • " or 1=1--
  • ' or 'a'='a
  • " or "a"="a
  • ') or ('a'='a)

• The hacker breaks into the system by injecting malformed SQL into the query, because the executed query is formed by the concatenation of a fixed string and values entered by the user:

    string strQry = "SELECT Count(*) FROM Users WHERE UserName='" + txtUser.Text + "' AND Password='" + txtPassword.Text + "'";

Top Threats Effect on Database Server

• If the user enters a valid username and password, the query strQry becomes:

    SELECT Count(*) FROM Users WHERE UserName='Paul' AND Password='password'

• But the hacker will not leave weak code alone, and will enter: ' Or 1=1 --

• The new query will be:

    SELECT Count(*) FROM Users WHERE UserName='' Or 1=1 --' AND Password=''

• 1=1 is always true for every row in the table, so assuming there is at least one row in the table, this SQL always returns a nonzero count of records.
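The concatenated query from the slides next to a bind-variable version of the same login check, as an added example (not from the original slides). It assumes sqlite3 as a stand-in for the Oracle back end, and the table contents and function names are constructed for illustration.

```python
import sqlite3


def make_db():
    """Constructed sample table mirroring the slide's Users example.
    The plaintext Password column only mirrors the slide; real systems
    store salted password hashes."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Users (UserName TEXT PRIMARY KEY, Password TEXT)")
    conn.execute("INSERT INTO Users VALUES ('Paul', 'password')")
    conn.commit()
    return conn


def build_concatenated_query(user, password):
    """Same construction as strQry on the slide: fixed string + user input."""
    return ("SELECT Count(*) FROM Users WHERE UserName='" + user +
            "' AND Password='" + password + "'")


def login_vulnerable(conn, user, password):
    """User input becomes part of the SQL text, so it can change the logic."""
    query = build_concatenated_query(user, password)
    count = conn.execute(query).fetchone()[0]
    return count > 0


def login_parameterized(conn, user, password):
    """Input is passed as bind values; the SQL text never changes, so a
    quote or comment marker in the input is compared as ordinary data."""
    count = conn.execute(
        "SELECT Count(*) FROM Users WHERE UserName = ? AND Password = ?",
        (user, password),
    ).fetchone()[0]
    return count > 0


def demo():
    """Run the slide's input through both versions and collect the results."""
    conn = make_db()
    slide_input = "' Or 1=1 --"  # the value shown on the slide
    return {
        "query_text": build_concatenated_query(slide_input, ""),
        "valid_login_vulnerable": login_vulnerable(conn, "Paul", "password"),
        "slide_input_vulnerable": login_vulnerable(conn, slide_input, ""),
        "valid_login_parameterized": login_parameterized(conn, "Paul", "password"),
        "slide_input_parameterized": login_parameterized(conn, slide_input, ""),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

In Oracle client code the equivalent fix is to use bind variables (for example `:username`) instead of building the statement by string concatenation.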

Top Threats Effect on Database Server

• Weak Audit Trail

"In God I trust. For everyone else, I keep log files."

Performance impacts

Determine what is important to be audited

Top Threats Effect on Database Server

Limited Resource

Which audit trail mechanism should I use?

No End-To-End Auditing

Top Threats Effect on Database Server

• Whether database auditing is enabled or disabled, Oracle will always audit certain database actions into the OS audit trail. There is no way to change this behavior because it is a formal requirement of the security evaluation criteria.

Documents Every DBA Should Read

• Note 174340.1 - Audit SYS User Operations (How to Audit SYSDBA)
• Note 553225.1 - How To Set the AUDIT_SYSLOG_LEVEL Parameter
• Note 1299033.1 - Master Note For Oracle Database Auditing
• Note 1171314.1 - Huge/Large/Excessive Number Of Audit Records Are Being Generated In The Database
• Note 1509723.1 - Oracle Database Auditing Performance

Top Threats Effect on Database Server

• Malware is software designed to infiltrate or damage a computer system without the owner's informed consent. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.

Report from Verizon Data: "69% of breaches incorporated malware"

http://www.wired.com/images_blogs/threatlevel/2012/03/Verizon-Data-Breach-Report-2012.pdf

Top Threats Effect on Database Server

• Malware includes computer viruses, worms, trojan horses, spyware, adware, most rootkits, and other malicious programs. In law, malware is sometimes known as a computer contaminant in various legal codes.

Top Threats Effect on Database Server

Most Common Ports:

Windows: netstat -an | findstr <port number>
Linux:   netstat -an | grep <port number>

Name             Protocol  Ports
Back Office      UDP       31337 or 31338
Deep Throat      UDP       2140 and 3150
Net Bus          TCP       12345 and 12346
Whack-a-mole     TCP       12361 and 12362
Net Bus 2 Pro    TCP       20034
Girlfriend       TCP       21544
Master Paradise  TCP       3129, 40421, 40422, 40423 and 40426

Top Threats Effect on Database Server

• Storage/Backup Media Exposure

• When data is saved to tape, you want to be confident that the data will be accessible decades from now as well as tomorrow.

• Backup database storage media is often completely unprotected from attack. As a result, several high-profile security breaches have involved theft of database backup tapes and hard disks.

• Always remember: company data means money to another person.

Top Threats Effect on Database Server

• Unpatched Database
  • Oracle provides something called Critical Patch Updates
  • Critical Patch Updates are collections of security fixes for Oracle products
  • They are released on the Tuesday closest to the 17th day of January, April, July and October. The next four dates are:
    • 17th day of January
    • 15 April 2014
    • 15 July 2014
    • 14 October 2014
    • 20 January 2015

http://www.oracle.com/technetwork/topics/security/alerts-086861.html

Top Threats Effect on Database Server

• Another thing that should be followed and monitored is Security Alerts
  • Oracle will issue Security Alerts for vulnerability fixes deemed too critical to wait for distribution in the next Critical Patch Update

Top Threats Effect on Database Server

• Unsecured Sensitive Data:

• Who has access to company data?

• Does the company meet requirements?

• What will make the hacker rich?

• What could damage the reputation of the organization?

Page 34: Oracle database threats - LAOUC Webinar

Top Threats Effect on Database Server

Application

Top Threats Effect on Database Server

bull Whether database auditing is enabled or disabled Oracle will always audit certain database actions into the OS audit trail There is no way to change this behavior because it is a formal requirement of the security evaluation criteria

Documents Every DBA Should Read

bull NOTE1743401 - Audit SYS User Operations (How to Audit SYSDBA)bull NOTE5532251 - How To Set the AUDIT_SYSLOG_LEVEL Parameter bull NOTE12990331- Master Note For Oracle Database Auditingbull Note 1743401 - Audit SYS User Operationsbull note 11713141 HugeLargeExcessive Number Of Audit Records Are Being Generated In The

Databasebull Note 15097231 - Oracle Database Auditing Performance

Top Threats Effect on Database Server

bull Malwarebull is software designed to infiltrate or damage a computer system without the

owners informed consent The expression is a general term used by computer professionals to mean a variety of forms of hostile intrusive or annoying software or program code

Report From Verizon Data-ldquo69 breaches incorporated malwarerdquo

httpwwwwiredcomimages_blogsthreatlevel201203Verizon-Data-Breach-Report-2012pdf

Top Threats Effect on Database Server

bull Malware includes computer viruses worms trojan horses spyware adware most rootkits and other malicious programs In law malware is sometimes known as a computer contaminant in various legal codes

Top Threats Effect on Database Server

Most Common Ports-

Windows netstat ndashan | findstr ltport numbergtLinux netstat ndashan | grep ltport numbergt

Name Protocol Ports

Back Office UDP 31337 Or 31338Deep Throat UDP 2140 and 3150Net Bus TCP 12345 and 12346Whack-a-mole TCP 12361 and 12362Net Bus 2 Pro TCP 20034Girlfriend TCP 21544Master Paradise TCP 3129 40421 40422

40423 and 40426

Top Threats Effect on Database Server

bull StorageBackup Media Exposure

bull When data is saved to tape you want to be confident that data will be accessible decades from now as well as tomorrow

bull Backup database storage media is often completely unprotected from attack As a result several high profile security breaches have involved theft of database backup tapes and hard disks

bull Always Remember Company Data Means Money to another Person

Top Threats Effect on Database Server

bull Unpatched Database bull Oracle Provide Something Called Critical Patch Updatesbull Critical Patch Updates are collections of security fixes for Oracle products

bull They are released on the Tuesday closest to the 17th day of January April July and October The next four dates arebull 17th day of Januarybull 15 April 2014bull 15 July 2014bull 14 October 2014bull 20 January 2015

httpwwworaclecomtechnetworktopicssecurityalerts-086861html

Top Threats Effect on Database Server

Top Threats Effect on Database Server

bull Another Thing should be follow and Monitored which is bull Security Alerts

bull Oracle will issue Security Alerts for vulnerability fixes deemed too critical to wait for distribution in the next Critical Patch Update

Top Threats Effect on Database Server

bull Unsecure Sensitive Data-

bull Who has access to company data

bull Dose the company meet requirement

bull What Will make the Hacker Rich

bull What Could damage the reputation of the organization

Top Threats Effect on Database Server

bull Limited EducationTrained end users-

bull Humans are the weakest link in the information securitybull The errors committed by the human elements of an organization remain a major contributor to

data loss incidents worldwide

bull What do we want to accomplish by making users aware of security

bull Encourage safe usage habits and discourage unsafe behaviorbull Change user perceptions of information securitybull Inform users about how to recognize and react to potential threatsbull Educate users about information security techniques they can use

Top Threats Effect on Database Server

bull Challenges-bull Delivering a desired message to the end-userbull Motivating users to take a personal interest in information securitybull Giving end user security awareness a higher priority within organizationsbull No Budget in the company for Security Awareness

How to Secure Database

• What should I do to secure the database?
  • Set a good password policy
    • No password reuse
    • Strong passwords
  • Keep up to date with security patches
  • Check firewall level
    • Trusted connections only
    • Block unused ports
  • Encryption
    • Network level
      • SSL
    • File level, such as backups
    • Database level, such as sensitive data
  • Monitor the database
  • Periodically check for users with database administration privileges

How to Secure Database

• Audit your web applications
  • Misconfigurations
• Log as much as possible
  • Failed logins
  • Permissions errors
• Your data is your money; protect it
• Train IT staff on database security
• Always ask for professional services

Thanks For LAOUC

OsamaOracle

osamamustafagurussolutionscom

http://osamamustafa.blogspot.com

Osama Mustafa

Top Threats Effect on Database Server

• Whether database auditing is enabled or disabled, Oracle will always audit certain database actions into the OS audit trail. There is no way to change this behavior because it is a formal requirement of the security evaluation criteria.

Documents Every DBA Should Read

• NOTE:174340.1 - Audit SYS User Operations (How to Audit SYSDBA)
• NOTE:553225.1 - How To Set the AUDIT_SYSLOG_LEVEL Parameter
• NOTE:1299033.1 - Master Note For Oracle Database Auditing
• Note 174340.1 - Audit SYS User Operations
• Note 1171314.1 - Huge/Large/Excessive Number Of Audit Records Are Being Generated In The Database
• Note 1509723.1 - Oracle Database Auditing Performance

Top Threats Effect on Database Server

• Malware
  • Software designed to infiltrate or damage a computer system without the owner's informed consent. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.

Report from Verizon Data: “69% breaches incorporated malware”

http://www.wired.com/images_blogs/threatlevel/2012/03/Verizon-Data-Breach-Report-2012.pdf

Top Threats Effect on Database Server

• Malware includes computer viruses, worms, trojan horses, spyware, adware, most rootkits, and other malicious programs. In law, malware is sometimes known as a computer contaminant in various legal codes.

Top Threats Effect on Database Server

Most Common Ports

Windows: netstat -an | findstr <port number>
Linux: netstat -an | grep <port number>

Name             Protocol  Ports
Back Office      UDP       31337 or 31338
Deep Throat      UDP       2140 and 3150
Net Bus          TCP       12345 and 12346
Whack-a-mole     TCP       12361 and 12362
Net Bus 2 Pro    TCP       20034
Girlfriend       TCP       21544
Master Paradise  TCP       3129, 40421, 40422, 40423 and 40426
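The manual `netstat -an | grep <port number>` check above matches the number anywhere on the line, so it also hits remote ports, ephemeral client ports and longer numbers that contain it. The following added example (not part of the original slides; function names and both sample outputs are constructed) parses Linux and Windows `netstat -an` output and reports only local listeners whose protocol and port match the table.

```python
"""Flag listeners on the ports from the slide's table in `netstat -an` output."""

# Port table as listed on the slide, expanded to (protocol, port) -> name.
WATCHLIST = {}
for _name, _proto, _ports in [
    ("Back Office", "udp", (31337, 31338)),
    ("Deep Throat", "udp", (2140, 3150)),
    ("Net Bus", "tcp", (12345, 12346)),
    ("Whack-a-mole", "tcp", (12361, 12362)),
    ("Net Bus 2 Pro", "tcp", (20034,)),
    ("Girlfriend", "tcp", (21544,)),
    ("Master Paradise", "tcp", (3129, 40421, 40422, 40423, 40426)),
]:
    for _port in _ports:
        WATCHLIST[(_proto, _port)] = _name


def parse_netstat(text):
    """Yield (proto, local_port, state) for every TCP/UDP socket line.

    Linux output has Recv-Q and Send-Q columns before the local address;
    Windows output does not. Header and UNIX-socket lines are skipped.
    """
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or not fields[0].lower().startswith(("tcp", "udp")):
            continue
        proto = fields[0].lower()[:3]          # tcp6/udp6 -> tcp/udp
        linux_layout = fields[1].isdigit()
        if linux_layout and len(fields) < 5:
            continue
        local = fields[3] if linux_layout else fields[1]
        port_text = local.rsplit(":", 1)[-1]   # works for 0.0.0.0:22, :::22, [::]:22
        if not port_text.isdigit():
            continue
        # UDP lines end with the foreign address (contains ':'), not a state.
        state = "" if ":" in fields[-1] else fields[-1].upper()
        yield proto, int(port_text), state


def suspicious_listeners(text):
    """Return sorted (proto, port, name) tuples for watch-listed open ports.

    TCP sockets must be listening; UDP is stateless, so any bound socket counts.
    A hit is a lead to investigate: these are default ports, not proof of malware.
    """
    hits = set()
    for proto, port, state in parse_netstat(text):
        if proto == "tcp" and not state.startswith("LISTEN"):
            continue
        name = WATCHLIST.get((proto, port))
        if name:
            hits.add((proto, port, name))
    return sorted(hits)


# Constructed sample output, Linux layout.
LINUX_SAMPLE = """\
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:1521            0.0.0.0:*               LISTEN
tcp        0      0 10.0.0.5:1521           10.0.0.9:12345          ESTABLISHED
tcp        0      0 10.0.0.5:21544          10.0.0.7:443            ESTABLISHED
tcp6       0      0 :::12345                :::*                    LISTEN
udp        0      0 0.0.0.0:31337           0.0.0.0:*
udp        0      0 0.0.0.0:21401           0.0.0.0:*
"""

# Constructed sample output, Windows layout.
WINDOWS_SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    [::]:20034             [::]:0                 LISTENING
  TCP    10.0.0.5:49152         10.0.0.9:3129          ESTABLISHED
  UDP    0.0.0.0:2140           *:*
  UDP    0.0.0.0:12345          *:*
"""

if __name__ == "__main__":
    for label, sample in (("linux", LINUX_SAMPLE), ("windows", WINDOWS_SAMPLE)):
        for proto, port, name in suspicious_listeners(sample):
            print(f"{label}: {proto.upper()} {port} is open ({name})")
```

In the Linux sample a plain `grep 2140` would match the unrelated UDP port 21401, and `grep 12345` would match the remote side of a normal Oracle listener connection; the parser reports neither.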

Top Threats Effect on Database Server

• Storage/Backup Media Exposure

• When data is saved to tape, you want to be confident that data will be accessible decades from now, as well as tomorrow.

• Backup database storage media is often completely unprotected from attack. As a result, several high-profile security breaches have involved theft of database backup tapes and hard disks.

• Always remember: company data means money to another person.

Top Threats Effect on Database Server

Top Threats Effect on Database Server

bull Another Thing should be follow and Monitored which is bull Security Alerts

bull Oracle will issue Security Alerts for vulnerability fixes deemed too critical to wait for distribution in the next Critical Patch Update

Top Threats Effect on Database Server

bull Unsecure Sensitive Data-

bull Who has access to company data

bull Dose the company meet requirement

bull What Will make the Hacker Rich

bull What Could damage the reputation of the organization

Top Threats Effect on Database Server

bull Limited EducationTrained end users-

bull Humans are the weakest link in the information securitybull The errors committed by the human elements of an organization remain a major contributor to

data loss incidents worldwide

bull What do we want to accomplish by making users aware of security

bull Encourage safe usage habits and discourage unsafe behaviorbull Change user perceptions of information securitybull Inform users about how to recognize and react to potential threatsbull Educate users about information security techniques they can use

Top Threats Effect on Database Server

bull Challenges-bull Delivering a desired message to the end-userbull Motivating users to take a personal interest in information securitybull Giving end user security awareness a higher priority within organizationsbull No Budget in the company for Security Awareness

How to Secure Database

bull What Should I Do to Secure Database bull Set a good password policy

bull No password reusebull Strong passwords

bull Keep up to date with security patchesbull Check Firewall level

bull Trusted Connection Only bull Block Unused Ports

bull Encryptionbull network level

bull SSLbull File Level Such as Backupbull Database Such As Sensitive Data

bull Monitor Databasebull Periodically check for users with database administration privileges

How to Secure Database

• Audit your web applications
  • Misconfigurations
• Log as much as possible
  • Failed logins
  • Permissions errors
• Your data is your money, protect it
• Train IT staff on database security
• Always ask for professional services
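Three items from the "How to Secure Database" checklist (password policy, periodic review of administration privileges, logging failed logins) can be expressed directly in Oracle SQL. The script below is an added example, not part of the original slides; the profile name app_user_profile, the account app_user and all limit values are assumptions chosen for illustration.

```sql
-- Added example, not from the slides. app_user_profile and app_user are
-- hypothetical names; the limit values are illustrative, not recommendations.

-- 1. Password policy: strong passwords, no reuse, lockout after repeated failures.
--    ora12c_verify_function is created by $ORACLE_HOME/rdbms/admin/utlpwdmg.sql
--    (11g ships verify_function_11G instead).
--    REUSE_TIME and REUSE_MAX work together: an old password may return only
--    after 365 days AND after 10 other passwords have been used.
--    PASSWORD_LOCK_TIME is in days.
CREATE PROFILE app_user_profile LIMIT
  PASSWORD_VERIFY_FUNCTION ora12c_verify_function
  PASSWORD_REUSE_TIME      365
  PASSWORD_REUSE_MAX       10
  PASSWORD_LIFE_TIME       90
  PASSWORD_GRACE_TIME      7
  FAILED_LOGIN_ATTEMPTS    5
  PASSWORD_LOCK_TIME       1;

ALTER USER app_user PROFILE app_user_profile;

-- Open accounts still on the DEFAULT profile are not covered by the policy above.
SELECT username, profile, account_status
FROM   dba_users
WHERE  profile = 'DEFAULT'
AND    account_status = 'OPEN';

-- 2. Periodic review: who holds database administration privileges?
SELECT grantee, granted_role, admin_option
FROM   dba_role_privs
WHERE  granted_role = 'DBA'
ORDER  BY grantee;

-- Accounts in the password file (SYSDBA / SYSOPER).
SELECT username, sysdba, sysoper
FROM   v$pwfile_users;

-- 3. Log failed logins (traditional auditing; assumes AUDIT_TRAIL is set to DB).
AUDIT SESSION WHENEVER NOT SUCCESSFUL;

-- Sources with 5 or more failed logins in the last 24 hours.
-- 1017 = ORA-01017 invalid username/password, 28000 = ORA-28000 account locked.
SELECT username, os_username, userhost,
       COUNT(*)       AS failures,
       MAX(timestamp) AS last_seen
FROM   dba_audit_session
WHERE  returncode IN (1017, 28000)
AND    timestamp > SYSDATE - 1
GROUP  BY username, os_username, userhost
HAVING COUNT(*) >= 5
ORDER  BY failures DESC;
```

On databases that use unified auditing, the last section needs an audit policy and the UNIFIED_AUDIT_TRAIL view in place of AUDIT SESSION and DBA_AUDIT_SESSION.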

Thanks For LAOUC

OsamaOracle

osamamustafagurussolutionscom

httposamamustafablogspotcom

Osama Mustafa
