31 May 2009
Windows 7 64 Home Premium
Quote: Originally Posted by reghakr
I couldn't find DigitalGrimm in a search.
His comment is the 3rd one down
"Investigators believe the hackers used a technique called SQL injection to exploit a security vulnerability in Microsoft's SQL Server database to gain entry to the Web servers."
A 'SQL Injection' is NOT a security vulnerability in a SQL (MSSQL, MYSQL, ORACLE, POSGRESQL, ETC) server. It is a security vulnerability in the web application that accesses the database. So this is NOT Microsoft's fault, but the fault of the poor programming utilized by the web application developer.
There are many ways to stop these attacks, the most important being input validation (aka secure code). Other alternatives, if you have a less then perfect programmer, are application firewalls, IDS/IPS systems, and due diligence.
These 'hacks' are easy enough for any person worth their weight to exploit and happen every days to hundreds of web sites. Most likely, judging by the described defacement, these were 90% automated attacks. Furthermore, if the web server is setup correctly (be it Linux, Windows, MAC, BSD, etc) the most the group would have access to is the web site's database which should have nothing more then information for dynamic content. As I doubt any company would be foolish enough to actually have an externally accessible server to have access to internal only data.
Sorry, but there will be no 'kudos' to the 'hackers' on this one.
|My System Specs || |