Sources for database vulnerabilities

Roots

Member
May 4, 2003
130
0
0
I'm doing a remote research project with a couple of my professors this summer on intrusion tolerance security. I need to research all the attacks and variants that can occur on our distributed system. I'm requesting if you have a good website or text (preferably website) with information pertaining to make me aware about it. I really appreciate any help you can give me, because this project is REALLY important for me (particularly so I can be accepted into grad school).

Here is the system:

Web Browser: HTTP 1.1
Apache web Server (v 1.3.21)
CGI scripts written in Perl or PAP
Databases of vulnerability:
- MySQL
- NIST
- Bugtraq
- Cerias VD

I need to "understand" HTTP 1.1 and Apache, but the database vulnerabilities are what I need the most. Buffer overflow, Denial of Service, Flooding based attacks, and Script Vulnerability attacks are the 4 different classes of attacks I need to research. Any help at all would be GREATLY appreciated. I've never done a single thing with any of the parts in this system, so I am thoroughly intimidated :D Thanks!
 

540mb

Senior member
Jun 2, 2003
207
0
0
Well, I don't have any links off the top of my head, but I deal with this often. Buffer overflows are pretty simple. Basically you are going to want to get info on all the functions/procedures used for input and output by the database. Then whenever any of those functions are called, make sure that the data being sent in and out is not larger than the allotted buffer size. Denial of Service and flooding are fairly simple as well... if you want more info I can tell you, but any amount of research will give you pretty good answers. Scripts are going to be your biggest weakness by far. This is because of SQL injections and the ability of the end user to possibly control query strings and form posts. Here is a quick off the top of my head SQL injection problem:

your script SQL

Select * from UsersTable where id='FORMID' and pass='FORMPASS'

the ID that someone could post for FORMID could be something like:
' or ''='
This then allows the user to inject code that will work every time without knowing any username or password. Obviously a user can delete/update/insert whatever they want if you don't do correct checks. With scripts you are also going to want to verify that a post is coming from the correct source because of the ability to have a user create their own post and modify your DB. For example, you create a perl script that inserts into the DB. What is stopping a user from creating their own script that calls your insert page and lets them modify your DB? The list could go on for a while. Basically with your scripts you are going to have to constantly check for valid data from valid users from valid sources before you let the data touch your DB. If you have any specific ?'s or anything just ask and hopefully I can help somewhat.
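
Added example, not part of 540mb's post: the string-built query from the post next to a bound-parameter version, run against the input quoted there. It assumes Python's sqlite3 as a stand-in for MySQL; the function names and the two sample rows are constructed for illustration.

```python
import re
import sqlite3

PAYLOAD = "' or ''='"  # the input quoted in the post above

def make_db():
    # In-memory stand-in for the MySQL table; rows are constructed sample data.
    # The plaintext pass column mirrors the post's query, not good practice.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE UsersTable (id TEXT PRIMARY KEY, pass TEXT)")
    db.executemany("INSERT INTO UsersTable VALUES (?, ?)",
                   [("alice", "s3cret"), ("bob", "hunter2")])
    return db

def login_concat(db, form_id, form_pass):
    # Query text assembled from form fields, as in the post: quotes in the
    # input become part of the SQL statement itself.
    sql = ("Select * from UsersTable where id='" + form_id +
           "' and pass='" + form_pass + "'")
    return db.execute(sql).fetchall()

def login_bound(db, form_id, form_pass):
    # Bound parameters: the driver passes the values separately from the
    # statement, so they are only ever compared as data.
    sql = "Select * from UsersTable where id=? and pass=?"
    return db.execute(sql, (form_id, form_pass)).fetchall()

def valid_id(form_id):
    # Allowlist check before the data touches the DB (assumed id format).
    return re.fullmatch(r"[A-Za-z0-9_]{1,32}", form_id) is not None

def login_checked(db, form_id, form_pass):
    # Validation first, binding second; either alone leaves a gap.
    if not valid_id(form_id):
        return []
    return login_bound(db, form_id, form_pass)

if __name__ == "__main__":
    db = make_db()
    # Constructed request: the quoted input submitted in both form fields.
    print("concatenated:", login_concat(db, PAYLOAD, PAYLOAD))
    print("bound:       ", login_bound(db, PAYLOAD, PAYLOAD))
    print("checked:     ", login_checked(db, PAYLOAD, PAYLOAD))
    print("real login:  ", login_checked(db, "alice", "s3cret"))
```

The `?` placeholders here correspond to the placeholder binding that Perl's DBI offers for CGI scripts talking to MySQL.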
 

Roots

Thanks for the info. I feel better about this project already :) Does anyone else have any quick pointers/info/LINKS?
 

540mb

Originally posted by: Descartes
No, exploiting buffer overflows is NOT simple :) DoS attacks can be simple, but there are many different forms of a DoS. Read the HTTP RFC. Buy TCP/IP Illustrated. Read SANS. Optionally buy Writing Secure Code.

I agree they are not SIMPLE at all to exploit. Stopping them is much easier than trying to exploit them. Making sure that you have the right code left to execute after the buffer is full and making sure that it is executed correctly is not a simple task at all.
 

Roots

But....I'm not stopping them. That's the job of some other students. My job is to research all the different attacks, and then write the algorithms and code the attacks and simulate them to test our system. So they are really hard huh? *cries* Thanks for the info though. Now where did I put that noose I've been saving? :brokenheart: