AOH :: ISN-1098.HTM

Re: Hacker logs onto FWP hunter database, but no information




Re: Hacker logs onto FWP hunter database, but no information
Re: Hacker logs onto FWP hunter database, but no information



Forwarded from: security curmudgeon  

: http://www.bozemandailychronicle.com/articles/2005/06/29/news/02fwp.txt 
: 
: By NICK GEVOCK
: Chronicle Staff Writer 
: June 29, 2005
: 
: A hacker broke into a Montana Department of Fish, Wildlife and Parks 
: computer database containing personal information about hunters last 
: month, but officials say no data was stolen.

: The database includes personal information about hunters, including 
: Social Security numbers, along with data on where they hunted and 
: whether they killed game.
: 
: Upon discovering the hacking, FWP immediately contacted Sam Mason, a 
: state data security specialist, who determined the hacker hadn't 
: downloaded any information, Aasheim said.

: Based on a review of the database after the incident, it appears that 
: the hacker was looking for storage space for files, Mason said.

Because all of the system logs clearly show this? And the logs were
not altered?

: Luckily, Aasheim said, the agency's databases use Oracle software, which 
: compresses inforamtion into a code that is not visible to hackers as 
: readable text.

"Not visible to hackers" is quite amusing, given the nature of hacking
and how many hackers are responsible for reversing just about
everything, including encryption/obfuscation schemes. And heaven
forbid the hacker know Oracle commands, because I think Oracle can
read that "inforamtion"  (sic).

: In addition, the database takes up 12 gigabytes of disc storage that
: can't be accessed in pieces. 

So the machine has 12 gigs of RAM to load it into memory? Oh wait.. of
course it can be accessed in pieces. Maybe he couldn't download the
raw database in pieces, but Oracle sure can query it in such a way as
to display pieces.

: A transfer of that size would take time, but the hacker was only on the 
: server for a few minutes.

Or the logs were zapped past a certain point. It's hard to swallow
this story, that they detected the intrusion, responded and can
*guarantee* that no data was stolen. Any company/agency that runs the
swiss cheese we call Oracle should know better.



_________________________________________
Attend the Black Hat Briefings and
Training, Las Vegas July 23-28 - 
2,000+ international security experts, 
10 tracks, no vendor pitches.
www.blackhat.com 

Site design & layout copyright © 1986-2014 CodeGods