You are on page 1of 17

Database Security

Hardening the Defense


of Database Server
Presentation Outline

1 The Importance of Database Security

2 Finding Database Server Holes

3 Type of Database Attacks

4 Oracle Study Case

5 MySQL Study Case


Importance of Database Security

 Databases often store sensitive data

 Incorrect data or loss of data could


negatively affect business operations

 Databases can be used as bases to attack


other systems from
Principles of Finding Holes

 Don't believe the documentation

 Implement your own client

 Debug the system to understand how it works

 Identify communication protocols

 Understand arbitrary code


execution bugs
 Write your own "fuzzers"
Top Six Database Attack* [1]

 Brute-force (or not) cracking of weak or


default usernames/passwords
 Privilege escalation

 Exploiting unused and unnecessary database


services and functionality
 Targeting unpatched database vulnerabilities

 SQL injection

 Stolen backup (unencrypted) tapes

* based on : http://www.darkreading.com/security/encryption/211201064/index.html
Top Six Database Attacks [2]

 Cracking username/password
 Not to change default password is disaster
 It is also better to change password periodically

 Privilege Escalation
 Give right person right privilege
 Avoid giving low-level user all database (even read
only access)

 Exploiting unnecessary service


 Attacker always find open listener feature
 Only install features we need
Top Six Database Attacks [3]

 Unpatched database vulnerabilities


 Many companies reluctant to patch their database
because of availability
 Database bugs many times posted in hacker website
 Not to install small patch can lead big disaster

 Stolen backup (unencrypted) tapes


 Type of insider or accidental attack
 Encrypt the backup to prevent attack
Top Six Database Attacks [4]

 SQL Injection
 Old but still widely used attacks
 Usually exploit web application weakness
 Result of poor practice application development
 Use statement binding to filter user input
Case Study
Security Checklists [1]

 Oracle TNS Listener


 Set a TNS Listener Password (encrypted) to prevent
unauthorized administration of the Listener
 Turn on Admin Restrictions to ensure certain
commands cannot be called remotely
 Turn on TCP Valid Node Checking allow certain hosts
to connect to the database server and prevent others
 Turn off XML Database if it is not used
 Turn off External Procedures if not required
 Encrypt Network Traffic using the Oracle
Net Manager tool
Security Checklists [2]

 Accounts
 Lock and Expire Unused Accounts
 Define a user account naming standard
 Define and Enforce a Good Password Policy
 Roles
 Be careful to make new role and give meaningful name
 All user accounts should be assigned to specific role with
minimal privileges
 Revoke any unnecessary permissions
Security Checklists [3]

 DBA Role
 Enable data protection to prevent users access
sensitive tables
 User secure PL/SQL coding standard, to ensure
developers make secure PL/SQL programs
 Perform security audits regularly
 Before installing database, use checklist of what is
needed and what is not
 Install patching as soon as possible
Case Study
Security Checklists [1]

 Background
 Since MySQL is open source, find many resources in the
Internet to find bugs and patches
 Stay tune to MySQL security issue and MySQL update
 Routine Audit
 Check logs to search common SQL injection
 Audit the users and check the granted privileges
 Check the hashing user password to double check password
patterns
Security Checklists [2]

 MySQL Users
 Use strong password
 Rename the root MySQL user to something obscure
 Restrict MySQL users by IP address and passwords
 Never give anyone access to the mysql.user table
 MySQL Configuration
 Enable logging via the --log option
 Disallow the use of symbolic links
 Remove the default test database
 Ensure MySQL traffic is encrypted
Security Checklists [3]

 Operating System
 Turn off unnecessary services or daemons
 Ensure MySQL data files cannot be read by users other than
the root or Administrator account
 Use a low-privileged MySQL account to run the
MySQL daemon
 Ensure MySQL users cannot access files
outside of a limited set of directories