| MS SQL Server渗透测试方法 |
| |
| 引用本文: | 谢朝海,王建法,董平.MS SQL Server渗透测试方法[J].国土资源信息化,2008(5):35-38. |
| |
| 作者姓名: | 谢朝海 王建法 董平 |
| |
| 作者单位: | 公安部信息安全等级保护评估中心,山东省蓬莱市国土资源局开发区分局,山东省蓬莱市国土资源局 |
| |
| 摘 要: | 当前电子政务、电子商务和企业内部的很多数据和敏感信息都存放在MS SQL Server数据库中,但是SQL Server数据库的安全性却一直没有像操作系统和网络设备那样受到应有的重视,得到恰当的测试评估。鉴于此,本文提出可以利用两类不同的安全漏洞对SQL Server数据库进行渗透测试,给出具体的测试方法,用以指导信息系统数据库管理员进行自测试评估,及时发现存在的严重安全漏洞,以进一步采取措施,进行漏洞修补。
|
| 关 键 词: | 数据库 渗透测试 漏洞 |
Penetration Testing Method for MS SQL Server |
| |
| XIE Chaohai WANG Jianfa DONG Ping.Penetration Testing Method for MS SQL Server[J].Land and Resources Informatization,2008(5):35-38. |
| |
| Authors: | XIE Chaohai WANG Jianfa DONG Ping |
| |
| Institution: | XIE Chaohai~1 WANG Jianfa~2 DONG Ping~3 |
| |
| Abstract: | Nowadays many e-government, e-business and enterprise internal data and sensitive information are stored in the MS SQL Server database. But compare to the operation system and network facilities, the security of SQL Server database until now hasn't received due attention and got proper testing. Ac- cording to this situation, this paper suggests that we can use two kinds of different security loopholes to carry out the penetration testing of SQL Server database. The concrete testing method is introduced in this paper to direct the self testing by the managers of the information system database, so that they can discover serious security loopholes in time and take measures to patch the loopholes. |
| |
| Keywords: | Database Penetration testing Loophole |
| 本文献已被 CNKI 维普 等数据库收录! |
