It is well known that important corporate information is often kept within the database. So usually the attacker's ultimate target is the information from the database, not the administrator’s permission on the server that hosts the database.
At the moment, the system for managing databases, particularly Oracle Database Management Systems (DBMS), represents a most difficult suite of programs, which has a large and varied number of security problems. Oracle DBMS is the most interesting to consider, because today it is the standard SMD utilized in large corporations worldwide.
An overall audit of Oracle DBMS will allow you to get a complete and objective view of the protection level of your DBMS.
How audit is performed
An audit of Oracle DBMS security takes about one month for an auditor’s team to complete. An audit can be conducted with automated tools (scanner, script), manually and/or based on the particular specifications of the current system. During the audit, specialists will conduct a full evaluation of how DBMS is protected. Below is a list of only the main part of the checkup.
1. Listener security checks in the network and OS level
Network Listener security
Listener logging
Listener configuration access
Database SID checks
2. Detailed review of the users passwords and password management
Default passwords
Users’ passwords
Password management and access control
Clear text and the weak encrypted passwords in the OS, Database, configs, traces, etc.
3. Privilege escalation tests
Detailed Review of given dangerous database roles and privileges
Detailed Review of the access to the dangerous database procedures, triggers, tables
Detailed Review of other database security options etc.
4. Access to operation system
Execute OS commands
Read/write OS files
Review of the RDBMS process rights in OS, escalating OS rights
5. Review of the Audit trail configuration
Review of the audit in OS level
Review of the audit triggers
Review of the FGA
Bypassing Audit
6. Detection of Oracle Rootkits/Backdoors
7. Review of additional security options
Backup System
VPD
Database Vault
Audit Vault
Etc.
8. Review of the Application Server security
9. Many other security checks
Results
As a result of the audit you will obtain a detailed report, which will describe the following statements:
- Vulnerabilities and configuration threats found in DBMS.
- Risks arising as a result of the vulnerabilities.
- Other defects of the DBMS configuration from the point of view of the information security (absence of the daily registry, managing users and the DBMS administrators’ access).
- Defects in the configuration of the supplementary mechanisms providing information security (VPD, Database Vault, Audit Vault).
- Possible ways for the malicious user’s (hacker) to penetrate into the DBMS.
- Detailed recommendations for eliminating the vulnerabilities and defects found in the DBMS.
- General rules for providing security in the DBMS.
Please contact us at services@dsecrg.com
