Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Anti-U.S. Hackers Infiltrate Army Servers

31 May 2009   #1

Windows 7 Pro & Vista Home Premium
 
 
Anti-U.S. Hackers Infiltrate Army Servers

Anti-U.S. Hackers Infiltrate Army Servers

Where the Hell was the Intrusion Detection Systems, dumbasses
My System SpecsSystem Spec
31 May 2009   #2

Windows 7 64 Home Premium
 
 

This is where people get fired or re-evaluated on the ARMY's IT developing side.
Commenter: DigitalGrimm, summed it up nicely.
My System SpecsSystem Spec
31 May 2009   #3

Windows 7 Pro & Vista Home Premium
 
 

I couldn't find DigitalGrimm in a search.
My System SpecsSystem Spec
31 May 2009   #4

Windows 7 64 Home Premium
 
 

Quote   Quote: Originally Posted by reghakr View Post
I couldn't find DigitalGrimm in a search.
His comment is the 3rd one down

Quote:
"Investigators believe the hackers used a technique called SQL injection to exploit a security vulnerability in Microsoft's SQL Server database to gain entry to the Web servers."

A 'SQL Injection' is NOT a security vulnerability in a SQL (MSSQL, MYSQL, ORACLE, POSGRESQL, ETC) server. It is a security vulnerability in the web application that accesses the database. So this is NOT Microsoft's fault, but the fault of the poor programming utilized by the web application developer.

There are many ways to stop these attacks, the most important being input validation (aka secure code). Other alternatives, if you have a less then perfect programmer, are application firewalls, IDS/IPS systems, and due diligence.

These 'hacks' are easy enough for any person worth their weight to exploit and happen every days to hundreds of web sites. Most likely, judging by the described defacement, these were 90% automated attacks. Furthermore, if the web server is setup correctly (be it Linux, Windows, MAC, BSD, etc) the most the group would have access to is the web site's database which should have nothing more then information for dynamic content. As I doubt any company would be foolish enough to actually have an externally accessible server to have access to internal only data.

Sorry, but there will be no 'kudos' to the 'hackers' on this one.
My System SpecsSystem Spec
31 May 2009   #5

Windows 7 Pro & Vista Home Premium
 
 

Thanks,

I see now.

I believe I have this one also as it deals particularly with SQL Server

Since I'm new here, is this the proper section for these type of security topics?
My System SpecsSystem Spec
Reply

Thread Tools



Similar help and support threads for2: Anti-U.S. Hackers Infiltrate Army Servers
Thread Forum
Web servers are hackersí target of choice Security News
any problems with army men RTS? Gaming
Solved Anti-malware, Anti-virus, Anti-spyware System Security
America's Army 3 Gaming
salvation army! BSOD Help and Support
How to Remove Win 7 Anti-Spyware 2011 (Fake Anti-Virus Infections) System Security
Kaspersky Anti-Virus cripples Servers System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 09:57 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33