Solved

OS admin access on an oracle system

Posted on 2014-03-03
3
434 Views
Last Modified: 2014-03-10
can anyone give some examples on what kind of risks to an oracle database would arise were a hacker to gain admin (on windows) or root (on linux) access to the server hosting the oracle software and database files? what could they do with such access to affect the usual confidentiality/availability/integrity of such a database? Just trying to get my head around how OS and server apps can affect one another..
0
Comment
Question by:pma111
3 Comments
 
LVL 73

Accepted Solution

by:
sdstuber earned 167 total points
ID: 39901421
they could do anything they wanted to the database.

including dropping it or altering the data anyway they wanted.
they could also corrupt the binaries that run the database too or corrupt the files.

If the hacker has access to the storage holding the backups then they could steal and/or corrupt the data completely so it could never be recovered.

Please address previous question that was closed inappropriately
0
 
LVL 36

Assisted Solution

by:Geert Gruwez
Geert Gruwez earned 167 total points
ID: 39901964
if they got to that point, then basically it's game over

mind you, if they knew a little about the system, they could probably order tons of articles and have you paying for it

there are companies out there, which do "attack and penetration testing"
those are the ones who will tell you what holes you have in the system

it usually costs less than a few hackers ...
0
 
LVL 23

Assisted Solution

by:David
David earned 166 total points
ID: 39902174
Consider having a jump or satellite server, with secure shell tunneling required to reach the actual database servers.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Entering time in Microsoft Access can be difficult. An input mask often bothers users more than helping them and won't catch all typing errors. This article shows how to create a textbox for 24-hour time input with full validation politely catching …
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
This videos aims to give the viewer a basic demonstration of how a user can query current session information by using the SYS_CONTEXT function
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now