Marlon
Mon Oct 03 13:06:00 CDT 2005
Very good article. Thanks !
"IWSEC" <IWSEC@discussions.microsoft.com> wrote in message
news:F79F53CB-744A-49CB-B4AE-967043C61FF0@microsoft.com...
> Hi,
> There is a very interesting technet article on infiltrating networks that
> may be useful - while it does cover SQL Injection it also gives a lot of
> other information.
>
>
http://www.microsoft.com/technet/technetmag/issues/2005/01/AnatomyofaHack/default.aspx
>
> Cheers
> iwsec
> www.iwsec.co.uk
>
> "Ozone" wrote:
>
>> The only concern that I can see is if the SQL server actually has a
>> Public IP
>> address on it. If it only has an internal / non-routable address, then
>> you
>> should be pretty safe. If it has a private address on it, the only way
>> to
>> get to the SQL server from the DMZ server would be to gain some type of
>> interactive access to the DMZ server... Just be sure that you are not
>> routing through the DMZ server to the backend network...
>>
>> OR
>> if you have some port mapper program such as netcat on the DMZ server,
>> this
>> would allow someone to punch through the DMZ server and connect to the
>> backend SQL server...
>>
>> HTH
>> Ozone
>>
>> "Marlon Brown" wrote:
>>
>> > Imagine this:
>> > I have a Sharepoint Front-End web server in the "Forest-Perimeter"
>> > network
>> > (some call it DMZ).
>> > Imagine the SQL server such Sharepoint server uses continues to be
>> > housed in
>> > the "Internal" network. Therefore I would need to open a hole in the
>> > ISA
>> > firewall to allow communication between the Sharepoint Front-End<---->
>> > SQL
>> > Server (internal) network.
>> >
>> > Can you tell me the mechanism and likelyhood of getting such SQL server
>> > compromised via this Front-End web server ?
>> > I know you can hit a SQL server pretty hard if you can explore SQL
>> > server
>> > injections, but let's assume you use store procedures to avoid SQL
>> > server
>> > injections.
>> >
>> >
>> >
>> >