Security Basics mailing list archives
Re: Microsoft Access security
From: SMiller () unimin com
Date: Tue, 27 Apr 2004 08:39:57 -0400
Sanjay, If you appent a new row to the table and type data into those columns, does it remain as entered? AFAIK, MS Access has no tool that would selectively allow columns to be encrypted. However, I can easily think of several MOL trivial ways to accomplish this. The table could be processed by a query that calls an encryption routine written in, say, VB. Or, cruder but equally effective, the column content could be exported to a text file, processed by any number of encryption products (e.g., PGP), then read back into the table, overwriting the original content. How badly do you need to know what is in those columns? Has there been a risk assessed for not doing so? Scott "If sports is the opiate of the masses, reality TV is the crack cocaine." <security@rexwire .com> To: <security-basics () securityfocus com> Sent by: "Sanjay cc: K. Patel" Fax to: <sanjay.patel@rex Subject: Microsoft Access security wire.com> 04/26/2004 03:58 PM Recently a consultant at one of our clients got let go under not so good circumstances. We were called into see if he had left any backdoor behind. We did not find any backdoors but we found out that he encrypted two columns of data in a access database. The data in the columns look like this :)Orwjwlrju)YuĆ’)\}n);<99 We cant figure out how he encrypted it. Has anyone seen this before? SKP --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- Microsoft Access security security (Apr 26)
- <Possible follow-ups>
- Re: Microsoft Access security SMiller (Apr 27)
- RE: Microsoft Access security Sanjay K. Patel (Apr 27)
- RE: Microsoft Access security Sanjay K. Patel (Apr 28)
- RE: Microsoft Access security David Gillett (Apr 28)
- RE: Microsoft Access security Joerg Over Dexia (Apr 29)