fr | en
dessin

Oracle Anti-Hacker Training, du 11 au 13 juin 2008

Lieu du cours: Genève, Suisse.

Prix: 2950 CHF (comprend le repas de midi, les notes de cours (1000 pages) et les scripts/logiciels

Pré-requis: Connaissances des bases de données Oracle

Nombre maximum de personnes: 10

Inscription: en ligne exclusivement

La formation est donnée en anglais par Alexander Kornbrust, un des meilleurs spécialistes de la sécurité Oracle. Il vous propose le programme suivant:

  • Oracle Security
    * Oracle Security related Websites (Where to find Exploits, Gossip....)
    * Books (Useful Oracle Security books)
    * Metalink Hacking (Find unknown/unpublished security bugs in Metalink)
    * Google Hacking of Oracle Technologies
  • Security Basics
    * Secure Oracle Architecture (Client, Server, Application Server, Backup/Recovery...)
    * Encryption (Concepts, Network, Database...)
    * Privileges
    * D.o.S. - Denial of Service (Concepts, TNS-Listener, database, database user, oid...)
    * Buffer Overflows (Concepts, Packages, SQL functions...)
    * SQL Injection (Concepts, Packages, Trigger, Webapplication...)
    * Tools (Scripts, Oracle Security Scanner, Free and commercial software ...)
  • Database
    * Attack Scenarios
    * Overview Security Windows (Services, Patches...)
    * Overview Security Unix (X11, Services, Patches...)
    * File Permission (Common Issues, Become Root... )
    * Listener (TNS, MTS, XMLSDB, Exploits, Securing Listeners...)
    * Network Sniffing & Tracing (Ethereal, Tracing, ASO...)
    * Reading and stealing files (Export, archive, utl_file, dbms_lob...)
    * Creating Files ( utl_file, external tables, dbms_advisory, Java...)
    * Oracle Database Passwords (Brute Force Cracker, Password Algorithm, hashkeys...)
    * Other Oracle Passwords (modplsql, CMDSK, changing, decrypting...)
    * Execute OS commands (Java, Extproc, undocumented Procedures...)
    * PLSQL (Wrapping, Unwrapping PLSQL, Patching wrapped procedures, ...)
    * Rootkits (How to Implement, Find)
    * Become DBA (several ways to become DBA)
    * Hardening Oracle Database (Approach, where to start, top-5-issues, Keep the database secure...)
  • Oracle Clients
    * Attack Scenarios
    * Passwords & Accounts (Handling, Roaming, Decryption, ...)
    * Client Startup Files
    * SQL Logging
    * Temp Files
    * Analysing various Oracle Clients
    * Using Windows PE / Knoppix (Create own Oracle Boot-CD)
    * Hardening Oracle Clients

| Audits | Conseil | Formation | Produits | OS Labs | Contact |

OS Objectif Sécurité SA  Route Cité-Ouest 19  CH-1196  Gland  Tel : +41 22 364 85 70  Fax : +41 22 364 85 79  
info@objectif-securite.ch