Penetration Testing mailing list archives

Re: Oracle Auditing

From: "Thor (Hammer of God)" <thor () hammerofgod com>
Date: Tue, 2 Aug 2005 23:40:35 -0700

Basically, if you're running Oracle, you're vulnerable. Not withstandingthat opinion, without reservation, I recommend you look at "NGSSquirrel forOracle."


http://www.ngssoftware.com/squirrelora.htm

NGS lead world-wide Oracle vulnerability discovery; if you want a product toidentify these vulnerabilities, then get the assessment tool from the oneswho find the issues to begin with. Though I am friends with Dave, I don'trecommend the product because of that-- in fact, he down-right pisses me offsometimes. The reason I recommend it is because if your goal is to auditOracle security, you must have NGSSquirrel to do so properly.

----- Original Message -----From: "Joe T" <recommendeddosage () gmail com>

To: <pen-test () securityfocus com>
Sent: Tuesday, August 02, 2005 8:54 AM
Subject: Oracle Auditing

Good day,

I should preface this message by saying that I have little to no
experience with Oracle administration, and I'm looking to gain a bit
of information.

When performing some network scans, I notice that the Oracle database
rarely has a password set for the tnslsnr account. From the Nessus
scan results, I have learned that the database may be compromised
because of this null password. I've searched the web, and the majority
of the information I find talks about a DoS attack for Oracle 8.

My question becomes: Has anyone exploited this misconfiguration, and
if so - how? Is this an account that you can connect to without
expensive Oracle software?

Also, what other tools do you utilize to audit Oracle?

Thank you,

Joe

------------------------------------------------------------------------------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't

Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:

http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
-------------------------------------------------------------------------------

------------------------------------------------------------------------------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't

Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:

http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
-------------------------------------------------------------------------------

Current thread:

Oracle Auditing Joe T (Aug 02)
- RE: Oracle Auditing Clement Dupuis (Aug 02)
- Re: Oracle Auditing Joshua Wright (Aug 02)
  - Re: Oracle Auditing DokFLeed (Aug 03)
- Re: Oracle Auditing Thor (Hammer of God) (Aug 03)
- RE: Oracle Auditing Erez (Aug 03)
- Re: Oracle Auditing David Eduardo Acosta Rodríguez (Aug 03)
  - Re: Oracle Auditing Pete Finnigan (Aug 12)