Author Archive
Sunday, June 22nd, 2008
SQL Injection and separation of duties
Adrian Lane writes in his blog entry about separation of duties on the application level. While I agree with his sentiments, I also know how hard it is to do from the application development side. In most applications, database connections use connection pooling. Creating such a separation makes the development process a [...]
No Comments » - Posted in SQL injection, security by Slavik
Friday, June 20th, 2008
Mass SQL Injection attack is still out there
Well, it was an interesting day today for us at Sentrigo. One of our customers was being attacked by this mass SQL injection, and since our software identified the attack, he came to us for help coping with the situation. As explained in other places, the attack takes advantage of vulnerable web sites and [...]
6 Comments » - Posted in MS SQL Server, SQL injection, security by Slavik
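The two posts above touch the same pair of problems: request input pasted into SQL text, which is what a mass injection attack exploits, and a single pooled account that lets an injected statement write to anything. The following is an added example, not code from either post or from Sentrigo; it uses SQLite so it runs offline, and the `products` table, its rows and the attack string are constructed for illustration. SQLite's `mode=ro` URI stands in for a low-privilege database account in a second connection pool, which is one way to get the application-level separation the first post discusses without a per-user connection.

```python
"""Added example, not code from the original posts. Shows the string-built
UPDATE an injection attack relies on, the parameterized form beside it, and
a read-only pooled connection that limits the damage when the vulnerable
path is hit anyway. SQLite is used so it runs offline; the table, rows and
attack string are constructed."""
import os
import sqlite3
import tempfile
from pathlib import Path

# Constructed attacker input: closes the quoted id and makes the WHERE
# clause true for every row, which is how a single request rewrites a whole table.
INJECTED_ID = "1' OR '1'='1"


def build_db(path: str) -> None:
    """Create a small constructed sample table."""
    conn = sqlite3.connect(path)
    conn.executescript("""
        CREATE TABLE products(id INTEGER PRIMARY KEY, name TEXT, blurb TEXT);
        INSERT INTO products VALUES (1, 'widget', 'a fine widget');
        INSERT INTO products VALUES (2, 'gadget', 'a fine gadget');
    """)
    conn.commit()
    conn.close()


def set_blurb_vulnerable(conn, product_id: str, blurb: str) -> int:
    """Vulnerable: user input concatenated into the statement text.
    Returns the number of rows the UPDATE touched."""
    sql = ("UPDATE products SET blurb = '" + blurb + "'"
           " WHERE id = '" + product_id + "'")
    return conn.execute(sql).rowcount


def set_blurb_safe(conn, product_id: str, blurb: str) -> int:
    """Hardened: values travel as bound parameters, never as SQL text,
    so the quote in the attack string is just data and matches no id."""
    cur = conn.execute("UPDATE products SET blurb = ? WHERE id = ?",
                       (blurb, product_id))
    return cur.rowcount


def open_readonly(path: str):
    """A second 'pool' for code that only reads. SQLite's mode=ro URI stands
    in for a low-privilege account: any write through it fails, injected or not."""
    return sqlite3.connect(Path(path).as_uri() + "?mode=ro", uri=True)


def run_demo() -> dict:
    """Exercise all three paths and return what each one did."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "app.db")
        build_db(path)
        rw = sqlite3.connect(path)
        result = {}
        # Parameterized: the attack string matches no row; a real id matches one.
        result["safe_injected"] = set_blurb_safe(rw, INJECTED_ID, "x")
        result["safe_legit"] = set_blurb_safe(rw, "1", "updated widget")
        # Concatenated: the attack string rewrites every row in the table.
        result["vulnerable_injected"] = set_blurb_vulnerable(rw, INJECTED_ID, "defaced")
        rw.commit()
        rw.close()
        # The same vulnerable code, but reached through the read-only pool.
        ro = open_readonly(path)
        try:
            set_blurb_vulnerable(ro, INJECTED_ID, "defaced again")
            result["readonly_blocked"] = False
        except sqlite3.OperationalError:  # "attempt to write a readonly database"
            result["readonly_blocked"] = True
        finally:
            ro.close()
        return result


if __name__ == "__main__":
    print(run_demo())
```

Running it shows the parameterized update touching 0 rows for the attack string and 1 for a real id, the concatenated update touching both rows, and the read-only connection refusing the write outright. The last case is the point of the separation argument: fixing every query is the real cure, but a pool whose account cannot write turns a missed query from a mass defacement into an error.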
Monday, June 2nd, 2008
So, you think you’ve removed that sensitive data (part II)
As I wrote in a previous post, truncating tables or scrambling content might not remove the actual data from the datafiles. The examples I gave in that post were Oracle related and now I’ll show the same using MS SQL Server 2005. I’d like to thank Dmitriy Geyzerskiy for providing the actual working example.
create database [...]
No Comments » - Posted in DBA, MS SQL Server, insider threat, security, technical tips by Slavik
Thursday, May 29th, 2008
Secret Hedgehog project
Just wanted to share with you a secret Hedgehog project I’ve been working on for almost two years. You can see a picture below.
1 Comment » - Posted in Personal by Slavik
Monday, May 26th, 2008
So, you think you’ve removed that sensitive data
I had an interesting conversation with Alexander Kornbrust yesterday about cloning databases. Most DBAs I know copy database files from production to create staging, integration and test environments. Those environments contain a lot of sensitive information (PII, CC, etc.) which is usually either deleted, scrambled or truncated. The problem with these solutions is that most [...]
3 Comments » - Posted in DBA, Oracle, insider threat, security, technical tips by Slavik
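Part I and part II above give Oracle and MS SQL Server examples of this. What follows is an added example, not code from either post, that reproduces the effect on SQLite, where the datafile is a single file that can be read back directly: a row holding a constructed card number is deleted, and the raw file still contains it. SQLite's `secure_delete` pragma and `VACUUM` are SQLite-specific and are assumptions about that engine, not about the databases the posts discuss; the `customers` table and its values are constructed.

```python
"""Added example, not code from the original posts. Shows that deleting a
row does not remove its bytes from the datafile until the space is
overwritten. The customer rows and card number are constructed."""
import os
import sqlite3
import tempfile

# Constructed sensitive value to look for in the raw datafile.
CARD = "4111111111111111"


def datafile_contains(path: str, needle: str) -> bool:
    """Scan the raw datafile bytes, the way anyone with file access could."""
    with open(path, "rb") as f:
        return needle.encode() in f.read()


def remnant_check(secure_delete: bool) -> tuple:
    """Insert a row holding CARD, delete it, and look for it in the file.
    Returns (found_after_delete, found_after_vacuum)."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "prod_copy.db")
        conn = sqlite3.connect(path)
        # SQLite zeroes freed cells only when secure_delete is on; it is off
        # unless the library was compiled with SQLITE_SECURE_DELETE.
        conn.execute("PRAGMA secure_delete = " + ("ON" if secure_delete else "OFF"))
        conn.execute("CREATE TABLE customers(id INTEGER PRIMARY KEY, name TEXT, card TEXT)")
        conn.execute("INSERT INTO customers VALUES (1, 'alice', ?)", (CARD,))
        conn.execute("INSERT INTO customers VALUES (2, 'bob', 'none on file')")
        conn.commit()
        # What the DBA does before handing the copy to the test team.
        conn.execute("DELETE FROM customers WHERE id = 1")
        conn.commit()
        conn.close()
        found_after_delete = datafile_contains(path, CARD)
        # VACUUM rebuilds the file from live rows only, so the freed cell
        # is gone from the datafile (the old blocks may still sit on disk).
        conn = sqlite3.connect(path)
        conn.execute("VACUUM")
        conn.close()
        found_after_vacuum = datafile_contains(path, CARD)
        return found_after_delete, found_after_vacuum


if __name__ == "__main__":
    print("secure_delete off:", remnant_check(False))
    print("secure_delete on: ", remnant_check(True))
```

With `secure_delete` off the deleted card number is still readable straight out of the file and only disappears after `VACUUM`; with it on, the freed cell is zeroed at delete time. The same byte-level inspection is the check to run on a cloned Oracle or SQL Server datafile after a truncate or scramble, since whether the engine overwrites freed space is an engine setting, not something a DELETE promises.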
Monday, May 26th, 2008
Weird MS SQL Server bug
A somewhat technical post on MS SQL Server encrypted triggers.
It turns out that MS SQL Server 2005 has an issue with encrypted triggers in the model database. We’ve created an encrypted database-level trigger on DDL operations in all databases, including the model database, so that when a new database is created the trigger will [...]
1 Comment » - Posted in DBA, MS SQL Server, technical tips by Slavik
Wednesday, April 9th, 2008
RSA Conference 2008
It’s been a while since I’ve blogged. Hit a dry spell, I guess. Will try to post more frequently and about some technical issues as well. Anyway, I’m at the RSA conference in San Francisco for the entire week. It’s been a great conference so far with interesting keynotes and sessions. Also, a lot of [...]
No Comments » - Posted in PCI, compliance, credit cards, security by Slavik
Monday, March 17th, 2008
Proactivity vs. Reactivity
Fern Halper, an analyst with Hurwitz & Associates wrote in her blog “Data makes the world go ’round” about database activity monitoring (as well as highlighting some of what my company Sentrigo does).
In the summary of her post she raises an important issue - that most DBAs are reactive rather than proactive when it comes [...]
No Comments » - Posted in monitoring, security by Slavik
Sunday, March 16th, 2008
Presenting at the UKOUG DBMS SIG this week
I’ll be presenting on Oracle database hacking and security at the UKOUG DBMS Special Interest Group meeting this week. The meeting will take place on Thursday, 20th March 2008 in Baylis House, Slough (UK, obviously). Here’s the link for the agenda and details http://www.ukoug.org/calendar/show_event.jsp?id=3358
Hope to see some of you there - come and say hello…
No Comments » - Posted in OUG, Oracle by Slavik
Sunday, March 9th, 2008
Oracle Security Webinar with Pete Finnigan
Just a short announcement this time - Sentrigo is hosting a live webinar/webcast with Pete Finnigan where he’ll share his wisdom on Oracle database security, show some attack vectors and how one can detect and prevent them, as well as other good stuff.
Those of you who’ve ever attended one of Pete’s masterclasses at an OUG [...]