The Oracle server setup was created to test the security of the Oracle server and the underlying operating system. One computer will run the patched versions of the Oracle database and the Windows OS; the other will run the unpatched versions of both. The project will then use a variety of techniques to see what differences there may be when attempting to gain unauthorized access to these two systems.

The methods can include:

    • A standard penetration test:
      • Discover, interrogate, compromise, and elevate
      • Man-in-the-Middle (MITM) attacks against traffic to and from an Oracle client
    • Hijacking or cloning a Wireless Access Point (similar to a MITM attack)

A policy review and attempt at password cracking of each server and Oracle instance

  • Administrator unauthorized access
  • (Internal) Database user unauthorized access
  • Cross database permissions violation
  • Post mortem detection of possible intrusions, including:
    • Forensic analysis of each server
    • Firewall logs
    • Operating system and Oracle application logs
    • Netflow data