The Database Hacker's Handbook : Defending Database Servers

The Database Hacker's Handbook : Defending Database Servers

Authors : David Litchfield, Chris Anley, John Heasman, Bill Grindlay

| Publisher: Wiley (July 14, 2005) | ISBN: 0764578014 | 500 pages | CHM | Rar size : 1.11 MB |

Book Description :

Databases are the nerve center of our economy. Every piece of your personal information is stored there—medical records, bank accounts, employment history, pensions, car registrations, even your children's grades and what groceries you buy. Database attacks are potentially crippling—and relentless.

In this essential follow-up to The Shellcoder's Handbook, four of the world's top security experts teach you to break into and defend the seven most popular database servers. You'll learn how to identify vulnerabilities, how attacks are carried out, and how to stop the carnage. The bad guys already know all this. You need to know it too.

• Identify and plug the new holes in Oracle and Microsoft® SQL Server
• Learn the best defenses for IBM's DB2®, PostgreSQL, Sybase ASE, and MySQL® servers
• Discover how buffer overflow exploitation, privilege escalation through SQL, stored procedure or trigger abuse, and SQL injection enable hacker access
• Recognize vulnerabilities peculiar to each database
• Find out what the attackers already know

Table Of Contents :

Part I, Introduction

Chapter 1, Why Care About Database Security?

Part II, Oracle

Chapter 2, The Oracle Architecture

Chapter 3, Attacking Oracle

Chapter 4, Oracle: Moving Further into the Network

Chapter 5, Securing Oracle

Part III, DB2

Chapter 6, IBM DB2 Universal Database

Chapter 7, DB2: Discovery, Attack, and Defense

Chapter 8, Attacking DB2

Chapter 9, Securing DB2

Part IV, Informix

Chapter 10, The Informix Architecture

Chapter 11, Informix: Discovery, Attack, and Defense

Chapter 12, Securing Informix

Part V, Sybase ASE

Chapter 13, The Sybase Architecture

Chapter 14, Sybase: Discovery, Attack, and Defense

Chapter 15, Sybase: Moving Further into the Network

Chapter 16, Securing Sybase

Part VI, MySQL

Chapter 17, MySQL Architecture

Chapter 18, MySQL: Discovery, Attack, and Defense

Chapter 19, MySQL: Moving Further into the Network

Chapter 20, Securing MySQL

Part VII, SQL Server

Chapter 21, Microsoft SQL Server Architecture

Chapter 22, SQL Server: Exploitation, Attack, and Defense

Chapter 23, Securing SQL Server

Part VIII, PostgreSQL

Chapter 24, The PostgreSQL Architecture

Chapter 25, PostgreSQL: Discovery and Attack

Chapter 26, Securing PostgreSQL

Appendix A, Example C Code for a Time-Delay SQL Injection Harness

Appendix B, Dangerous Extended Stored Procedures

Appendix C, Oracle Default Usernames and Passwords

Amazon Info

Click Here for code samples, security alerts , and programs available for download.

Rapid Download

non Rapid Download

Password : Password