Call (800) 766-1884 for Oracle support & training
Free Oracle Tips


Oracle Consulting Support
Oracle Upgrades
Use New Oracle Features
Oracle Replication Support
Oracle Training
Remote Oracle DBA
System Documentation
Oracle Tips
Oracle Performance
 

Free Oracle Tips


 

HTML Text

BC Oracle tuning

Oracle training

Oracle support

Remote Oracle

 

 

   
  Oracle Tips by Burleson

Web Stalkers
Chapter 5 -
All About Cybercrime

Real-World Case: The Extortion Attack

While there are always opportunities for attack from the outside world, one is unable to discount attacks from within the company firewall. In practice, inside jobs are more common than external attacks, and they can often have devastating consequences.  The following is a real-world example.

Real-World Case: The Rootkit Attack

In 2004, a call came in from a client who was complaining of performance problems on their web database, which was running on a standalone Linux server.  The company was in the business of providing credit information to third-party companies to assess an individual’s probability of financial default.

Upon accessing the server, it was apparent that something was terribly wrong.  Even when idle, the database was performing I/O operations and the processors were active, even though Linux did not show any active processes. 

After a Linux expert was consulted, the real issue was discovered.  A time-bomb was activated by a hacker, and the attack was both clever and devastating.  The attacker placed a Linux daemon process called “Hoover” on the Linux server and this process was constantly polling the Oracle database, vacuuming up new data, and e-mailing it to an overseas mailbox!

The attack was very sophisticated and unobtrusive.  The malicious employee had replaced the standard Linux commands with a root kit, an attack method readily available on the Internet.  In a root kit attack, the Linux commands are replaced with an alias to disguise the presence of the data stealing mechanism. 


The above text is an excerpt from:

Web Stalkers
Protect yourself from Internet Criminals & Psychopaths
ISBN 0-97-45993-9-5

by Donald K. Burleson, Stephen Andert
 

http://www.rampant-books.com/book_2004_2_stalkers.htm


Download your Oracle scripts now:

www.oracle-script.com

The definitive Oracle Script collection for every Oracle professional DBA

  
 

Oracle performance tuning software 
 
 
 
 

Oracle performance tuning book

 

 
 
 
Oracle performance Tuning 10g reference poster
 
 
 
Oracle training in Linux commands
 
Oracle training Excel
 
Oracle training & performance tuning books
 

 

   

Copyright © 1996 -  2014 by Burleson. All rights reserved.

Oracle® is the registered trademark of Oracle Corporation.