Call (800) 766-1884 for Oracle support & training
Free Oracle Tips

Oracle Consulting Support
Oracle Upgrades
Use New Oracle Features
Oracle Replication Support
Oracle Training
Remote Oracle DBA
System Documentation
Oracle Tips
Oracle Performance

Free Oracle Tips



BC Oracle tuning

Oracle training

Oracle support

Remote Oracle



  Oracle Tips by Burleson

Web Stalkers
Chapter 5 -
All About Cybercrime

Real-World Case: The Extortion Attack

While there are always opportunities for attack from the outside world, one is unable to discount attacks from within the company firewall. In practice, inside jobs are more common than external attacks, and they can often have devastating consequences.  The following is a real-world example.

Real-World Case: The Rootkit Attack

In 2004, a call came in from a client who was complaining of performance problems on their web database, which was running on a standalone Linux server.  The company was in the business of providing credit information to third-party companies to assess an individual’s probability of financial default.

Upon accessing the server, it was apparent that something was terribly wrong.  Even when idle, the database was performing I/O operations and the processors were active, even though Linux did not show any active processes. 

After a Linux expert was consulted, the real issue was discovered.  A time-bomb was activated by a hacker, and the attack was both clever and devastating.  The attacker placed a Linux daemon process called “Hoover” on the Linux server and this process was constantly polling the Oracle database, vacuuming up new data, and e-mailing it to an overseas mailbox!

The attack was very sophisticated and unobtrusive.  The malicious employee had replaced the standard Linux commands with a root kit, an attack method readily available on the Internet.  In a root kit attack, the Linux commands are replaced with an alias to disguise the presence of the data stealing mechanism. 

The above text is an excerpt from:

Web Stalkers
Protect yourself from Internet Criminals & Psychopaths
ISBN 0-97-45993-9-5

by Donald K. Burleson, Stephen Andert

Download your Oracle scripts now:

The definitive Oracle Script collection for every Oracle professional DBA


Oracle performance tuning software 

Oracle performance tuning book


Oracle performance Tuning 10g reference poster
Oracle training in Linux commands
Oracle training Excel
Oracle training & performance tuning books



Copyright © 1996 -  2014 by Burleson. All rights reserved.

Oracle® is the registered trademark of Oracle Corporation.