Experton Group is the leading fully integrated research, advisory and consulting company for mid-sized and large organizations, maximizing the business value of their ICT investments through innovative, neutral and independent expert advice.

Experton Group offers consulting services, market surveys, conferences, seminars and publications related to information and communications technology issues.

Our consulting portfolio includes technology, business processes, management and business cooperations, investments and mergers.

6.10.2008

Super Users Pose Database Security Threat; DNS Security Needs Improvement


A recent survey showed that "super users" could be a threat to database security. In other news, researchers at Princeton University found that cross-site request forgeries are increasing, while Infoblox, Inc. announced the availability of its new DNS firewall.

Focal Points:

  • A recent survey conducted by the Independent Oracle Users Group (IOUG) found that most database administrators have not properly implemented all database security defenses. The survey of over 300 IT and database administrators found that some of the biggest database security risks came either from unauthorized users having access to data or from "super users" who were able to exploit their privileged access. Most of those interviewed said they had no special mechanisms in place to prevent super users from accessing protected data, or even to detect any database activity conducted by these people. About twenty percent of the respondents expect a database breach to occur in the coming year. A similar number of respondents did not know whether sensitive data was even encrypted.
  • Researchers from Princeton University have discovered four major Web sites that are susceptible to cross-site request forgery (CSRF) attacks. This is significant, since these attacks usually happen in a stealthy fashion that is not easy to detect. The affected sites have all been notified, but not all fixes to the vulnerabilities have been made. One of the CSRF flaws was found on a public financial site, the first known attack that would make it possible to transfer money out of a bank account. The researchers said that, for this particular flaw, even using secure sockets layer (SSL) would not protect the user from the CSRF attacks. These attacks can force the browser of the user to take actions without the user knowing.
  • Officials from Infoblox recently announced the availability of its new "Domain Name Service (DNS) Firewall." This expands on Infoblox's existing capabilities, including alerting, reporting, and attack mitigation for DNS security. Infoblox uses a grid concept to connect multiple appliances, which enables centralized management and control. Officials claim that this system can dramatically increase DNS security and minimize DNS's vulnerability to security exploits. IT services that rely on DNS include IP address assignment and management, email, Web services, Microsoft Corp.'s Active Directory, and Voice over IP (VoIP) applications.

Experton Group believes maintaining DNS security is critical to the overall functioning of IT infrastructure. Since so many networked services and applications rely on DNS, any problems with DNS are likely to affect just about every application in the enterprise. For this reason, it is essential that IT executives ensure the coordination between network engineers and security personnel to make DNS as secure as possible from hacker exploits.

Press

Contact

Suzette Heydenreich

Tel.: +971 4 360 8699
Fax: +971 4 361 5699

suzette.heydenreich @experton-group.com