Data Attack Prevention
Essay by willie • May 4, 2011 • 709 Words (3 Pages) • 1,719 Views
Data Attack Prevention
Willie Kinney
CMGT/441
University of Phoenix
April, 2011
Facilitator Dr. Shivie Bhagan
Prevention of attacks to a data system is a very important issue that will either make or destroy a company main structure. The creator of threats to a company's network or operation mainframe is looking to get into financial information or client information to steal their personal data. It is up to companies to know the best way to have a means of prevention of these threats to the success of their operations network functionality. Attack prevention is somewhat as a full time job for any companie's IT department. The question is will most companies be a victim of their vulnerabilities or will they be champions through their prevention measures.
SQL Injection attack prevention
The attack is SQL injection attacks, being one of the most likely strike hackers use towards Internet-facing SQL Servers databases. This attack is a very strong threat in which companies are better off having the prevention measures in place before it has chance to latch onto network systems. One problem is if the system that is in place uses dynamic SQL and allows for users unchecked input to be passed to the database, will more than likely put it at risk. This could also turn into data loss, data theft, and in more recent strings of injections attacks that were automated, customers had Java script codes served to them by way of a compromised databases. This particular attack infiltration causes Web servers to infect the client computer with another virus (Cherry, 2008). Even the United Nations site is not immune to its attack.
The SQL injection works by allowing the attacker basically to escape out from existing command by putting single quote in a string value or by use of a semicolon being placed at the end of numeric value and by putting a SQL command after the escaped character. Clever hackers will use this technique to reveal the name of tables in a database. This will then give the hacker the right to insert data into tables.
The ways to protect databases from these threats are to lock down the databases security, which is using best practices. In order to do this the database permissions become stricter by a lower set of these permissions as possible to operate. Also, includes table-level not to be used to the tables. Access should be through stored procedures which should
...
...