Abstract

For database administrators, security typically means assigning appropriate rights to logins, ensuring that passwords do not easily succumb to a brute-force attack, and helping developers write code free of SQL injection vulnerabilities. After we take care of these fundamentals, it's time to look at the next layer of attacks: network-based attacks. This presentation will focus on two particular network attacks: abusing SQL authentication and taking advantage of a man-in-the-middle attack. We will close with discussion on how to mitigate these attacks.


Slides

The deck for this presentation is available in two formats. You can get it in either Power Point 2010 or PDF format.

The Power Point version includes additional notes (and stage directions).

The slides are licensed under Creative Commons Attribution-ShareAlike.


Demo Code

The demonstration code is available in Powershell (.ps1) format.

The source code is licensed under the terms offered by the GPL. The slides are licensed under Creative Commons Attribution-ShareAlike.