Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Mailing Lists -> Oracle-L -> RE: eweek Oracle base breached using mdsys
This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.
------_=_NextPart_001_01C002EE.913426C0
Content-Type: text/plain;
charset="iso-8859-1"
I have only WinNT installation guide handy, but in chapter 6, "Reviewing Your Installed Starter Database Contents" it is said "This section describes the user names and passwords included in the starter database. Change the password for user names immediately after installation". And MDSYS user is there. OK, this user isn't granted any roles, but it has all the privileges granted directly. The manual doesn't mention this, so there is a mistake, but still, homework must be done sometimes.
/flameproof_suit_on
Probably that shows that we must go for databases that have only a single
'SA' account, so that securing them will be easier :}}}}}
/flameproof_suit_off
Dr. Nikolay Kumanov
MIS Manager, Zeitungsgruppe Bulgarien GmbH 47, Tsarigradsko chaussee, Sofia 1504, Bulgaria phone: +(359-2)4339-643, fax: +(359-2)946-1286 mailto:nkumanov_at_zgb.bg <mailto:nkumanov_at_zgb.bg>
"Show me a completely smooth operation and I'll show you someone who's covering mistakes. Real boats rock." - Frank Herbert, "Chapterhouse: Dune"
-----Original Message-----
From: Bowes, Chris [mailto:Chris.Bowes_at_kosa.com]
Sent: Thursday, August 10, 2000 7:19 PM
To: Multiple recipients of list ORACLE-L
Subject: eweek Oracle base breached using mdsys
Don't know if this was posted here or not. It was a hacker test setup. They "worked so hard" to secure the site and left a default password unchanged...
http://www.zdnet.com/eweek/stories/general/0,11011,2604981,00.html
<http://www.zdnet.com/eweek/stories/general/0,11011,2604981,00.html>
and a follow up
http://www.zdnet.com/eweek/stories/general/0,11011,2606344,00.html
<http://www.zdnet.com/eweek/stories/general/0,11011,2606344,00.html>
--Chris
Chris.Bowes_at_Kosa.com
------_=_NextPart_001_01C002EE.913426C0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Diso-8859-1">
<TITLE>eweek Oracle base breached using mdsys</TITLE>
<META content=3D"MSHTML 5.50.4134.600" name=3DGENERATOR></HEAD>
<BODY>
<DIV><SPAN class=3D078475216-10082000><FONT face=3DArial size=3D2>I =
have only WinNT=20
installation guide handy, but in chapter 6, "Reviewing Your Installed =
Starter=20
Database Contents" it is said "<FONT face=3D"Times New Roman" =
size=3D3>This section=20
describes the user names and passwords included in the starter =
database. Change=20
the password for user names <EM class=3DItalic>immediately</EM> after=20
installation". And MDSYS user is there. OK, this user isn't granted any =
roles,=20
but it has all the privileges granted directly. The manual doesn't =
mention this,=20
so there is a mistake, but still, <FONT face=3DArial=20
size=3D2>h</FONT></FONT></FONT></SPAN><SPAN =
class=3D078475216-10082000><FONT=20
face=3DArial size=3D2>omework must be done =
sometimes.</FONT></SPAN></DIV>
<DIV><SPAN class=3D078475216-10082000><FONT face=3DArial=20
size=3D2></FONT></SPAN> </DIV>
<DIV><SPAN class=3D078475216-10082000><FONT face=3DArial=20
size=3D2>/flameproof_suit_on</FONT></SPAN></DIV>
<DIV><SPAN class=3D078475216-10082000><FONT face=3DArial =
size=3D2>Probably that shows=20
that we must go for databases that have only a single 'SA' account, so =
that=20
securing them will be easier :}}}}}</FONT></SPAN></DIV>
<DIV><SPAN class=3D078475216-10082000><FONT face=3DArial=20
size=3D2>/flameproof_suit_off</FONT></SPAN></DIV>
<P><FONT face=3DArial size=3D2>Dr. Nikolay Kumanov</FONT> </P>
<P><FONT face=3DArial size=3D2>MIS Manager, Zeitungsgruppe Bulgarien =
GmbH</FONT>=20
<BR><FONT face=3DArial size=3D2>47, Tsarigradsko chaussee, Sofia 1504,=20
Bulgaria</FONT> <BR><FONT face=3DArial size=3D2>phone: =
+(359-2)4339-643, fax:=20
+(359-2)946-1286</FONT> <BR><U><FONT face=3DArial color=3D#0000ff =
size=3D2><A=20
href=3D"mailto:nkumanov_at_zgb.bg">mailto:nkumanov_at_zgb.bg</A></FONT></U> =
</P>
<P><FONT face=3DArial size=3D2>"Show me a completely smooth operation =
and I'll show=20
you someone who's</FONT> <BR><FONT face=3DArial size=3D2>covering =
mistakes. Real=20
boats rock." - Frank Herbert, "Chapterhouse: Dune"</FONT> </P>
<BLOCKQUOTE dir=3Dltr style=3D"MARGIN-RIGHT: 0px">
<DIV class=3DOutlookMessageHeader dir=3Dltr align=3Dleft><FONT =
face=3DTahoma=20
size=3D2>-----Original Message-----<BR><B>From:</B> Bowes, Chris=20
[mailto:Chris.Bowes_at_kosa.com]<BR><B>Sent:</B> Thursday, August 10, =
2000 7:19=20
PM<BR><B>To:</B> Multiple recipients of list =
ORACLE-L<BR><B>Subject:</B> eweek=20
Oracle base breached using mdsys<BR><BR></FONT></DIV>
<P><FONT face=3DArial size=3D2>Don't know if this was posted here or =
not. It=20
was a hacker test setup. They "worked so hard" to secure the =
site and=20
left a default password unchanged...</FONT></P>
<P><FONT face=3DArial size=3D2><A target=3D_blank=20
=
href=3D"http://www.zdnet.com/eweek/stories/general/0,11011,2604981,00.ht=
ml">http://www.zdnet.com/eweek/stories/general/0,11011,2604981,00.html</=
A></FONT>=20 </P> <P><FONT face=3DArial size=3D2>and a follow up</FONT> </P> <P><FONT face=3DArial size=3D2><A target=3D_blank=20=
A></FONT>=20 </P><BR> <P><FONT face=3DArial size=3D2>--Chris</FONT> <BR><FONT face=3DArial=20Received on Thu Aug 10 2000 - 12:15:22 CDT