Dailydave mailing list archives
RE: Offense - Database tools
From: "Hackling, Matthew (AU - Melbourne)" <mhackling () deloitte com au>
Date: Sat, 3 Sep 2005 12:58:01 +1000
Hey Patrik Karlsson's MSSQL and Oracle tools rock from cqure.net They are also teeny weeny and only require a classes.zip file to work. The thing that sucks at the moment is DB2 connectivity. Especially on linux :( I've downloaded over 2Gb of .zip and .tar files recently trying to install the DB2 administration client on linux :( Kind Regards, Matthew Hackling -----Original Message----- From: Dave Aitel [mailto:dave () immunitysec com] Sent: Sat 9/3/2005 6:42 AM To: dailydave Subject: [Dailydave] Offense Justine (Immunity's CEO, who is not a US Citizen, it turns out) wrote an Oracle password checker for CANVAS recently. I'm about to throw it on the partner's page, but the basic theory I have is that 99% of your problems in an Oracle installation are you forgetting to change the 100000 default passwords that come with various packages. It's weird how few attack tools work well against databases. Most of them require you install a five thousand cd package from Oracle to get connectivity. All day long though, we've been reading the various articles on New Orleans, which you can only take like a body blow. It was 50/50 that we would have relocated to New Orleans, when we left NYC a few months ago. Not sure where we'd be now if we had chosen that instead of Miami. This is probably the most depressing article: http://news.independent.co.uk/world/americas/article309696.ece . Stratfor suggests you create a family-wide plan for relocation in the event of this sort of thing, with a backup spot to meet up. They say this reduces your anxiety by knowing that if you're all split up, you have positions you can recombine in, and you can worry instead about escape and staying alive. They also have a great article on the geopolitical importance of New Orleans, and the port there in particular, which, oddly enough, they had written a few volumns about before all this happend. I know some people (Richard Thieme, for example) noticed they have a spotty record on Japan, but they're a lot easier to read than CNN, where all you get is Bush coming home from vacation looking confused. I guess the basic theory here is that you can't JUST do offense. Jared Diamond's[1] latest book "Collapse" goes in depth over how civilizations lose cities by destroying the environment around them. It's dry (want an in depth analysis of ranching and water use in Montana?), but worth a read if you're on a long plane flight and trying to understand the issues around these sorts of problems. It's good as a coping mechanism, say. It turns out that working through Microsoft Typelib[2] or Oracle's login protocol only helps so much. -dave [1] Pulitzer prize winning "Guns Germs and Steel", etc. He also wrote a good book on human evolution for people without anthropology or biology degrees. There's lots of weird nature shows on evolution on TV lately, as a response I assume to Kansas politicitans trying to prove how uneducated they are. [2] Unmidl.py work - almost there. Hopefully done by HITB. Will GPL shortly. This email and any attachments to it are confidential. You must not use, disclose or act on the email if you are not the intended recipient. Liability limited by a scheme approved under Professional Standards Legislation. Deloitte is a member of Deloitte Touche Tohmatsu (a Swiss Verein). As a Swiss Verein (association), neither Deloitte Touche Tohmatsu nor any of its member firms has any liability for each other's acts or omissions. Each of the member firms is a separate and independent legal entity operating under the names "Deloitte", "Deloitte & Touche", "Deloitte Touche Tohmatsu", or other related names. Services are provided by the member firms or their subsidiaries and affiliates and not by the Deloitte Touche Tohmatsu Verein.
Current thread:
- RE: Offense - Database tools Hackling, Matthew (AU - Melbourne) (Sep 02)
- Re: Offense - Database tools H D Moore (Sep 02)