Tous nos rayons

Déjà client ? Identifiez-vous

Mot de passe oublié ?

Nouveau client ?

CRÉER VOTRE COMPTE
The Database Hacker's Handbook
Ajouter à une liste

Librairie Eyrolles - Paris 5e
Indisponible

The Database Hacker's Handbook

The Database Hacker's Handbook

Defending Database Servers

David Lichtfield, Chris Anley, John Heasman, Bill Grindlay

500 pages, parution le 02/08/2005

Résumé

The book will cover the how to break into and how to defend the most popular database server software. These include:

  • Oracle
  • Microsoft's SQL Server
  • IBM's DB2
  • Postgres
  • Sybase
  • MySQL

Each of these will be examined to show how hackers gain access using various methods from buffer overflow exploitation, privilege escalation through SQL, SQL injection and stored procedure and trigger abuse. Also discussed are those techniques that are specific to each database. With each attack topic presented, ways of preventing such abuse will be discussed.

L'auteur - David Lichtfield

David Litchfield specializes in searching for new threats to database systems and web applications and holds the unofficial world record for finding major security flaws. He has lectured to both British and U.S. government security agencies on database security and is a regular speaker at the Blackhat Security Briefings. He is a co-author of The Shellcoder's Handbook, SQL Server Security, and Special Ops. In his spare time he is the Managing Director of Next Generation Security Software Ltd.

L'auteur - Chris Anley

Chris Anley is a co-author of The Shellcoder's Handbook, a best-selling book about security vulnerability research. He has published whitepapers and security advisories on a number of database systems, including SQL Server, Sybase, MySQL, DB2, and Oracle.

L'auteur - John Heasman

John Heasman is a principal security consultant at NGS Software. He is a prolific security researcher and has published many security advisories relating to high-profile products such as Microsoft Windows, Real Player, Apple Quick-Time, and PostgreSQL.

L'auteur - Bill Grindlay

Bill Grindlay is a senior security consultant and software engineer at NGS Software. He has worked on both the generalized vulnerability scanner Typhon III and the NGSSQuirreL family of database security scanners. He is a co-author of the database administrator's guide, SQL Server Security.

Sommaire

  • Introduction
  • Why Care About Database Security?
  • Oracle
    • The Oracle Architecture
    • Attacking Oracle
    • Oracle: Moving Further into the Network
    • Securing Oracle
  • DB2
    • IBM DB2 Universal Database
    • DB2: Discovery, Attack, and Defense
    • Attacking DB2
    • Securing DB2
  • Informix
    • The Informix Architecture
    • Informix: Discovery, Attack, and Defense
    • Securing Informix
  • Sybase ASE
    • Sybase Architecture
    • Sybase: Discovery, Attack, and Defense
    • Sybase: Moving Further into the Network
    • Securing Sybase
  • MySQL
    • MySQL Architecture
    • MySQL: Discovery, Attack, and Defense
    • MySQL: Moving Further into the Network
    • Securing MySQL
  • SQL Server
    • Microsoft SQL Server Architecture
    • SQL Server: Exploitation, Attack, and Defense
    • Securing SQL Server
  • PostgreSQL
    • The PostgreSQL Architecture
    • PostgreSQL: Discovery and Attack
    • Securing PostgreSQL
    • Appendix A: Example C Code for a Time-Delay SQL Injection Harness
    • Appendix B: Dangerous Extended Stored Procedures
    • Appendix C: Oracle Default Usernames and Passwords
Voir tout
Replier

Caractéristiques techniques

  PAPIER
Éditeur(s) Wiley
Auteur(s) David Lichtfield, Chris Anley, John Heasman, Bill Grindlay
Parution 02/08/2005
Nb. de pages 500
Format 19 x 23
Couverture Broché
Poids 780g
Intérieur Noir et Blanc
EAN13 9780764578014
ISBN13 978-0-7645-7801-4

Avantages Eyrolles.com

Livraison à partir de 0,01 en France métropolitaine
Paiement en ligne SÉCURISÉ
Livraison dans le monde
Retour sous 15 jours
+ d'un million et demi de livres disponibles
satisfait ou remboursé
Satisfait ou remboursé
Paiement sécurisé
modes de paiement
Paiement à l'expédition
partout dans le monde
Livraison partout dans le monde
Service clients sav@commande.eyrolles.com
librairie française
Librairie française depuis 1925
Recevez nos newsletters
Vous serez régulièrement informé(e) de toutes nos actualités.
Inscription