Archive for the ‘security’ Category.

While looking for examples of SQL Code Injection attacks, I found a nice concise summary of many typical web application vulnerabilities, including product-specific things to look for, e.g.:

MySQL

– Supports ‘INTO OUTFILE’
– Runs often as “root”
– Most modules and libs do not support multiple-statements.

Oracle

– Subselects possible
– UNION possible
– Comes with many stored procedures (UTL_FILE!)
– No multiple-statements

DB2

– Subselects possible
– UNION possible
– Stored procedures
– No multiple-statements

Postgres

– Supports COPY (if superusermode)
– Subselects possible
– UNION possible
– Stored procedures
– Multiple statements are possible!

MS SQL

– Subselects possible
– UNION possible
– Stored procedures
– Multiple statements are possible!
– Many dangerous default stored procedures (xp_cmdshell, sp_adduser)

Lessig, Morpheus, and Stanford

Lessig, Morpheus, and Stanford story:

Andy Oram:
“…the plug was recently pulled on law professor Lawrence Lessig’s computer by anxious university staff that detected a Morpheus server running on it. He had just installed the server so that he could offer some of his significant and highly desired legal papers to supporters and researchers. Nothing could better illustrate the alternatives facing us than the thrall of richly textured Web Services and the pall of Lessig’s blank monitor.”

Dave Winer:
“He wrote a scholarly paper. He launched a copy of Morpheus and put his paper in the shared folder. Went home for the weekend. On Monday he comes into the office and his computer is disconnected. Stanford security had paid him a visit. ‘That’s illegal,’ they said. Heh. He’s the expert on what’s legal. He wrote the stuff. He wanted to share it. Gotcha.”

Sun, RSA Focus on Network Identity

Sun, RSA Focus on Network Identity. Boston.Internet.com May 17 2002

See also: Sun’s vision of network identity InternetNews.com March 12, 2002

[Moreover – Tech latest]

A(n Extended) Campus Information Security Conversation

Dan Updegrove:

A(n Extended) Campus Information Security Conversation (PDF)

“With all the indirect cost recovery this department generates, I can’t believe the central administration lets us be exposed to such risks!”

Set up NAT using the Cisco IOS

How Can You Defend Against a Superworm?

Identifying Where Technology Logging and Monitoring and Increased Security End and Violations of Personal Privacy and Student Records Begin

EDS bans IM

EDS bans IM. Viral risk avoidance [The Register]

The Computer Virus of the Future

Hackers Continue ‘Early Warning’ Attacks On U.S. Web Sites

NewsBytes:

Hackers Continue ‘Early Warning’ Attacks On U.S. Web Sites

A team of hackers, cutting a wide swath of Web-site defacements across the country in what they say is the interests of national security, added servers from Sandia National Laboratories, the U.S. Geological Survey (USGS) and the National Institute of Standards and Technology (NIST) to a list of conquests today.

But the team that calls itself the “Deceptive Duo” continues to shy away from requests that they reveal the security holes they claim open “critical infrastructure” to attacks by America’s foes.