Evaluating Database Security

Evaluating Database Security

How easy/hard is it to hack into a database? How do they hack into them, and where can I get some basic information on database privacy and security?

This is a difficult question to decide to answer. Without going into too much detail, I can say that databases are vulnerable to several hacks, many of which involve monitoring the TCP ports over which they communicate. Other things such as stored procedures and triggers in databases can be so obscure and “invisible” to programmers that it is also possible to hide malicious routines here, assuming that the hacker has some form of database access originally. (That’s more of a Trojan horse than anything else.)

As for privacy and security, you don’t hear much about database hacks. Other hacks are general enough that once a hacker penetrates the operating system, the hack is almost finished. For a successful database hack, the bad guy first must penetrate the OS and then the database. It is more difficult than a simple OS hack.


Share the Post: