Access "Secure Reads: The Database Hacker's Handbook"
This article is part of the April 2006 issue of Security survivor all stars explain their worst data breaches
The Database Hacker's Handbook: Defending Database Servers By David Litchfield, Chris Anley, John Heasman & Bill Grindlay Wiley, 500 pages, $50.00 @exb The Database Hacker's Handbook: Defending Database Servers @exe Unfortunately, database administrators and security analysts live in separate clans on the large IT frontier. The Database Hacker's Handbook fosters the resolution of these inherent communication breakdowns by closing the knowledge differential between the database admin and security admin. Serious effort, training and experience are required to truly understand the other's perspective, but this book provides the perfect starting point. Its renowned database security researchers waste no time in showing how to attack modern database systems. The terse opening chapter provides a taxonomy for database vulnerabilities, such as privilege elevation via SQL injection and unauthenticated flaws in network protocols, the most dangerous vulnerability. Although classifying the attacks presented later in the book may be a useful exercise for the ambitious ... Access >>>
Premium Content for Free.
Secure Reads: The Database Hacker's Handbook
Read a review of The Database Hacker's Handbook.
Recent Releases: Security product briefs, April 2006
Read about security products released in April 2006.
BITS & BOLTS SSL-encrypted tunnels protect sensitive data traveling the Information Superhighway.
Security Survivor All-Stars
COVER STORY Five security survivors tell you how to outwit, outplay and outlast the bad guys.
Antispyware / Patch Management
Shavlik Technologies' NetChk Protect 5.5
- Secure Reads: The Database Hacker's Handbook
Security Device Testing
by Steven Weil, Contributor
Karalon's Traffic IQ Pro 1.0
Get a Grip!
MOBILE SECURITY Enterprises need to take control of PDAs, smart phones and other mobile devices to ensure corporate security.
Tumbleweed's MailGate 5500
Hot Pick: F5 Network's FirePass 4100 Controller
F5 Network's FirePass 4100 Controller
- Security Device Testing by Steven Weil, Contributor
Ping: Jane Scott Norris
Jane Scott Norris
Face-Off: Schneier, Ranum debate security awareness training
Is User Education Working?
Editor's Desk: The power of one
Perspectives: Putting out a call for self-defending clients
by M. W. Meyer & Eric Sager, Contributors
Network perimeter defenses have crumbled. What we need now are self-defending clients.
- Ping: Jane Scott Norris
More Premium Content Accessible For Free
Enterprises leverage open source software for the perceived quality of the code, but the Heartbleed flaw has made many question their use of ...
The network of today's enterprise is larger and more diverse than ever, which means there's more for hackers to attack. So as enterprises update ...
In the rush to capitalize on big data, many companies forget that developing an ecosystem of structured and unstructured data means higher risk of ...