David Litchfield has started a blog and talks about the worm
November 18th, 2005 by Pete

I saw that David Litchfield has started a weblog that is simply titled "Databasesecurity.com Weblog". I notice that he has made a good choice of using greymatter software. This is what I use and have been very happy with so far.
I was particularly interested by a post titled "On Oracle worms" that makes an interesting point about the feeling in the community of Oracle users that a worm will not work because the database is usually behind a firewall. Whilst there are nowhere near as many Oracle databases exposed to the net as SQL Server / MSDE for instance, it does not mean that there are not exposed databases out there.
The new Oracle Express should change that viewpoint. I am also interested by David's comments that the extproc flaw would be an ideal vector for a worm, that it could be called remotely and that methods exist for replication. Whilst it would be possible to do this from inside the database, a more scripted approach might suit. As David points out, let's hope that his comment does not end up being a self-fulfilling prophecy.