
MALAYSIAN INSTITUTE OF INFORMATION TECHNOLOGY UNIVERSITI KUALA LUMPUR

Assignment
Session January 2012 IKB10103 INFORMATION SECURITY
Date of Submission: 27 March 2012

Prepared By:
Muhammad Iqbal Arieff Bin Kamsani (52261211257)
Ahmad Hilmi Bin Zakaria (52261211467)
Mohd Yazid Bin Abdul Jalil (52261211549)
Mohd Amirul Naim Bin Suhaidi (52261211567)

Prepared For:
MADAM HERNY RAMADHANI BT MOHD HUSNY

Table of Content

Introduction
Database Communication Vulnerabilities
Weak Authentication
Backup Data Exposure
Summary
Reference

Introduction
When searching for possible causes of the recent outbreaks of security breaches in organizations, there are a number of factors that are important to consider. Best practice dictates a process-of-elimination methodology in an effort to determine where the problem lies. By examining four main areas (Database Communication Protocol Vulnerabilities, Weak Authentication and Backup Data Exposure), we will be able to target the genesis of the database security issues and eliminate them going forward. In an event such as this, it can be easy to overlook a potential threat that is present every day. While we would like to think the best of those with access to the system, and we are not accusing anyone of anything, due diligence requires that we conduct a thorough investigation of all potential threats.

Database Communication Protocol Vulnerabilities


A rising number of security weaknesses are being identified in the database communication protocols of all database vendors. Vendors rely heavily on proprietary network protocols to communicate data and commands, and these complex and mostly obscure protocols are prone to security vulnerabilities. 4 out of 7 security fixes address protocol vulnerabilities.

Definition : Tampering with database-related network protocol messages.

Effects :
1) Unauthorized data access and manipulation
2) Denial of service

Mitigation :
1) Protocol validation: this technology disassembles database traffic and compares it to what is expected. If live traffic does not match the expectation, an alert or a block may be triggered, so that only normal client-generated messages get through.
2) Reactive validation: this technology is also built on protocol validation, but it is only effective against attacks that are already known. It checks for specific known attacks and reacts to them quickly, for example with an alert or a block.
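The difference between the two mitigations can be seen in a small added example (not part of the original assignment). It assumes a hypothetical toy wire format and a constructed signature list; no real database protocol is modelled.

```python
import struct

# Hypothetical toy wire format (an assumption for illustration, not a real
# database protocol): 1-byte message type, 2-byte big-endian payload length,
# then the payload itself.
HEADER = struct.Struct("!BH")
# Expected message types and the largest payload a normal client sends for each.
EXPECTED = {0x01: 64, 0x02: 4096, 0x03: 0}   # LOGIN, QUERY, CLOSE
# Constructed byte pattern standing in for an already-known attack.
KNOWN_BAD = [b"\x00\x00\x00\x00AAAA"]


def protocol_validate(msg: bytes) -> str:
    """Protocol validation: allow only messages matching the expected structure."""
    if len(msg) < HEADER.size:
        return "block: truncated header"
    msg_type, declared = HEADER.unpack_from(msg)
    payload = msg[HEADER.size:]
    if msg_type not in EXPECTED:
        return "block: unknown message type"
    if declared != len(payload):
        return "block: length field does not match payload"
    if declared > EXPECTED[msg_type]:
        return "block: payload larger than expected for this type"
    return "allow"


def reactive_validate(msg: bytes) -> str:
    """Reactive validation: block only messages matching a known attack."""
    if any(sig in msg for sig in KNOWN_BAD):
        return "block: known attack signature"
    return "allow"


# Constructed sample messages.
NORMAL_QUERY = HEADER.pack(0x02, 8) + b"SELECT 1"
BAD_LENGTH = HEADER.pack(0x02, 4000) + b"SELECT 1"   # length field is wrong
KNOWN_ATTACK = HEADER.pack(0x02, 8) + b"\x00\x00\x00\x00AAAA"

if __name__ == "__main__":
    for name, m in [("normal", NORMAL_QUERY), ("bad length", BAD_LENGTH),
                    ("known attack", KNOWN_ATTACK)]:
        print(f"{name:13} protocol={protocol_validate(m)!r} "
              f"reactive={reactive_validate(m)!r}")
```

The malformed message is stopped by the structural check even though no signature exists for it, while the structurally valid message carrying the known pattern is stopped only by the signature check.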

Weak Authentication
Weak authentication allows attackers to assume the identity of legitimate database users by stealing or otherwise obtaining login credentials by any means necessary. An attacker may employ any number of strategies to find a way into the database.

Definition : The use of weak account names, IDs, passwords or anything else that is too weak to conceal the identity of the database user.

Types of attacks : Because of weak authentication, attackers may assault the database in order to obtain data. Some of the attacks are listed below :
1) Brute Force : Attackers repeatedly enter username and password combinations until they find one that works. It involves simple guesswork or systematic enumeration of all possible combinations. Often, they use an automated program to speed up the process.
2) Social Engineering : The attacker takes advantage of the natural human tendency to trust in order to convince others to give up their accounts/IDs/usernames/passwords. An attacker may present himself as an IT manager over the phone and request important login credentials for system maintenance purposes.
3) Direct Credential Theft : An attacker may steal the ID/username or other login credentials by copying them into Notepad or any similar program, or by taking passwords, files, et cetera.

Effects :
1) Theft of credentials

Mitigation :
1) Use at least 2 factors of authentication, such as a double-layered password.
2) Enforce a strong password policy.
3) Detect and identify the related attacks and react to them.
4) Actively assess authentication mechanisms to make sure users choose strong passwords only, nothing less.
5) Enforce Time Of Day rules: because hackers usually use the machine at night, unusual off-hours access will trigger a Time Of Day violation.
- Extra precautions might need to be taken when employees are accessing a company website from off-site, using either a home or a public Wi-Fi system.

I think less stringent measures of authentication are necessary when employees are working onsite, on company equipment, than when accessing company databases or files, say, via a mobile device where you have less control over network security.
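Mitigations 3) and 5) above can be expressed as detection rules over a login audit trail. The following is an added example, not part of the original assignment; the log format, thresholds, working hours and sample records are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, time, timedelta

# Assumed policy values for illustration; the assignment does not specify any.
MAX_FAILURES = 5                    # failed logins tolerated per account+source
WINDOW = timedelta(minutes=2)       # sliding window for counting failures
WORK_START, WORK_END = time(8, 0), time(18, 0)

# Constructed audit records in an assumed format: timestamp user source result
SAMPLE_LOG = """\
2012-03-27T09:15:02 hr_app 10.0.0.12 OK
2012-03-27T10:02:10 clerk01 10.0.0.31 FAIL
2012-03-27T10:02:25 clerk01 10.0.0.31 OK
2012-03-27T23:40:00 dba_admin 10.0.0.77 FAIL
2012-03-27T23:40:04 dba_admin 10.0.0.77 FAIL
2012-03-27T23:40:09 dba_admin 10.0.0.77 FAIL
2012-03-27T23:40:13 dba_admin 10.0.0.77 FAIL
2012-03-27T23:40:18 dba_admin 10.0.0.77 FAIL
2012-03-27T23:40:25 dba_admin 10.0.0.77 OK
"""


def detect(log_text):
    """Return (rule, user, source, timestamp) alerts for the audit records."""
    alerts, flagged = [], set()
    failures = defaultdict(deque)   # (user, source) -> recent failure times
    for line in log_text.splitlines():
        if not line.strip():
            continue
        stamp, user, source, result = line.split()
        ts, key = datetime.fromisoformat(stamp), (user, source)
        if result == "FAIL":
            recent = failures[key]
            recent.append(ts)
            while ts - recent[0] > WINDOW:      # drop failures outside window
                recent.popleft()
            if len(recent) >= MAX_FAILURES and key not in flagged:
                flagged.add(key)                # alert once per account+source
                alerts.append(("BRUTE_FORCE", user, source, ts))
        elif not (WORK_START <= ts.time() < WORK_END):
            # Successful login outside working hours: Time Of Day violation.
            alerts.append(("TIME_OF_DAY", user, source, ts))
    return alerts


if __name__ == "__main__":
    for rule, user, source, ts in detect(SAMPLE_LOG):
        print(f"{ts.isoformat()} {rule:12} user={user} source={source}")
```

A single mistyped password during working hours (clerk01) raises nothing, while the rapid failures followed by an off-hours success on dba_admin raise both alerts.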

Backup Data Exposure


Backup database storage media is often completely unprotected from attack. As a result, several high-profile security breaches have involved theft of database backup tapes and hard disks.

Definition : Unencrypted data on backup tapes, hard disks or any other storage media.

Effects :
1) Exposure of sensitive information
2) Misuse of private data
3) Private and confidential data exposure

Mitigation :
1) End-to-end Encryption : Application dependent, involves complex key management, and leaves persistent exposure if the key is lost.
2) Disk Encryption : Data has to be encrypted, yet again, for backup.
3) Database Encryption

Summary
Even though database information is vulnerable to a host of attacks, it is feasible to dramatically reduce risk by focusing on the most critical threats. By addressing the threats outlined above, organizations will meet the compliance and risk mitigation requirements of the most regulated industries in the world. Vulnerability research on connection establishment can be done using simple tools like Netcat. Meanwhile, deeper analysis of the protocol and vulnerability research into other parts of it require a different tool, such as TCPirate.
