OS admin access on an oracle system

pma111
pma111 used Ask the Experts™
on
can anyone give some examples on what kind of risks to an oracle database would arise were a hacker to gain admin (on windows) or root (on linux) access to the server hosting the oracle software and database files? what could they do with such access to affect the usual confidentiality/availability/integrity of such a database? Just trying to get my head around how OS and server apps can affect one another..
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Most Valuable Expert 2011
Top Expert 2012
Commented:
they could do anything they wanted to the database.

including dropping it or altering the data anyway they wanted.
they could also corrupt the binaries that run the database too or corrupt the files.

If the hacker has access to the storage holding the backups then they could steal and/or corrupt the data completely so it could never be recovered.

Please address previous question that was closed inappropriately
Geert GOracle dba
Top Expert 2009
Commented:
if they got to that point, then basically it's game over

mind you, if they knew a little about the system, they could probably order tons of articles and have you paying for it

there are companies out there, which do "attack and penetration testing"
those are the ones who will tell you what holes you have in the system

it usually costs less than a few hackers ...
David VanZandtOracle Database Administrator III
Commented:
Consider having a jump or satellite server, with secure shell tunneling required to reach the actual database servers.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial