Re: Oracle Auditing

From: David Eduardo Acosta Rodríguez (david.acosta@internet-solutions.com.co)
Date: Wed Aug 03 2005 - 11:05:55 EDT


Good morning:

You can use these scripts/tools for Oracle pen-testing:

http://www.petefinnigan.com/sql.htm and
http://www.petefinnigan.com/orasec.htm <- Miscellaneous scripts for Oracle
http://www.appsecinc.com/products/appdetective/ <- AppDetective tool for
vulnerability assessment in databases

I used Database Scanner (ISS) but this product has been discontinued (I
believe that it was replaced by Internet Scanner).

Finally, look in http://www.orafaq.com/ and
http://otn.oracle.com/deploy/security/oracle9i/pdf/9i_checklist.pdf

Greetings,

         Ing. David E. Acosta R.
      Security Consultant - CISSP
       Internet Solutions Colombia
  "The Information Security Experts"
http://www.internet-solutions.com.co
 david.acosta@internet-solutions.com.co

----- Original Message -----
From: "Joe T" <recommendeddosage@gmail.com>
To: <pen-test@securityfocus.com>
Sent: Tuesday, August 02, 2005 10:54 AM
Subject: Oracle Auditing

Good day,

I should preface this message by saying that I have little to no
experience with Oracle administration, and I'm looking to gain a bit
of information.

When performing some network scans, I notice that the Oracle database
rarely has a password set for the tnslsnr account. From the Nessus
scan results, I have learned that the database may be compromised
because of this null password. I've searched the web, and the majority
of the information I find talks about a DoS attack for Oracle 8.

My question becomes: Has anyone exploited this misconfiguration, and
if so - how? Is this an account that you can connect to without
expensive Oracle software?

Also, what other tools do you utilize to audit Oracle?

Thank you,

Joe



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:40 EDT