With the help of some extra code, the vulnerability allows a malicious user to take over the privileges of the TNS listener process before authentication - so no username or password is required to gain access.
Trend Micro has advised companies to check their firewall configuration to prevent the attack and ensure all the SQL servers have a proper password in place. Microsoft's SQL server is wide open to a hack attack if the password is left on its...
Password protect all files and folders. Ensure all access points are outside the firewall (i.e.treat the WLAN as external to the corporate LAN). Consider RADIUS authentication procedures In this configuration each device (client and network) is...
We're also seeing more demand for password management and authentication inside the firewall from companies wanting to enhance security, reduce helpdesk costs, increase end user satisfaction and prove compliance," added the spokeswoman.
Banks are listening; 51 per cent of financial firms have moved beyond simple password protection when managing online transactions, says Deloitte. However, the security needed to stop fraud outside the firewall may be a tougher challenge still.
That's all about behaviour, rather than just locking in with user ID and password - which are terrible for checking identity. T is for Two-factor authentication It is the erosion of the perimeter, the movement away from perimeter-based security...
Did you find this white paper useful? 
White Paper RSS
Download
Register
