Albert D. Kallal wrote:
All the hosts/providers with which I am familiar allow a connection
over the internet using
Well, a the vast majority of the ones I am aware of don't allow the above....
For the most part, a open sql port is not available.
I have just added a new MS-SQL 2005 database named SQL2005_51315_ffdba
to those hosted for me by DiscountAsp.Net. It is new. I have added no
tables, or other objects.
It is available to me through an (SQL) port on the Internet. That is, I
can connect directly to it with ADO using its IP address, the name of
the database (given above), User Name and Password. An example of such
a connection is one used by an MS-Access ADP file.
I invite you to login in to this database and create a table called
"Albert D Kallal". As the database is mine, I am stating that I will
hold you free of any civil or legal problems that such hacking,
tampering or breaching of security might bring up. W can explain that
this is all a test (intended for the extension of knowledge) among
friends should any authority intercede or question us.
When you have created this table, please, let me know with a post here
in CDMA, or by e-mail and we can jointly point out the vulnerability of
such database hosting.
I will point out that I have made it a point not store any of the data
required for login on my own or any ffdba computer, nor on my website,
so that a secondary approach through those routes is unlikely to be
successful.
And, to start you on your way I'll reveal the major security software
running at the site as below:
"TippingPoint Intrusion Prevention Systems
The TippingPoint Intrusion Prevention System (IPS) delivers the most
powerful network protection in the world. The TippingPoint IPS is an
in-line device that is inserted seamlessly and transparently into the
network. As packets pass through the IPS, they are fully inspected to
determine whether they are legitimate or malicious. This instantaneous
form of protection is the most effective means of preventing attacks
from ever reaching their targets.
TippingPoint's Intrusion Prevention Systems provide Application
Protection, Performance Protection and Infrastructure Protection at
gigabit speeds through total packet inspection. Application Protection
capabilities provide fast, accurate, reliable protection from internal
and external cyber attacks. Through its Infrastructure Protection
capabilities, the TippingPoint IPS protects VoIP infrastructure,
routers, switches, DNS and other critical infrastructure from targeted
attacks and traffic anomalies. TippingPoint's Performance Protection
capabilities enable customers to throttle non-mission critical
applications that hijack valuable bandwidth and IT resources, thereby
aligning network resources and business-critical application
performance.
The system is built upon TippingPoint's Threat Suppression Engine (TSE)
- a highly specialized hardware-based intrusion prevention platform
consisting of state-of-the-art network processor technology and
TippingPoint's own set of custom ASICs. The TippingPoint ASIC-based
Threat Suppression Engine is the underlying technology that has
revolutionized network protection. Through a combination of pipelined
and massively parallel processing hardware, the TSE is able to perform
thousands of checks on each packet flow simultaneously. The TSE
architecture utilizes custom ASICs, a 20 Gbps backplane and
high-performance network processors to perform total packet flow
inspection at Layers 2-7. Parallel processing ensures that packet flows
continue to move through the IPS with a latency of less than 215
microseconds, independent of the number of filters that are applied.
The TippingPoint TSE architecture also enables traffic classification
and rate shaping. Sophisticated algorithms baseline "normal" traffic
allowing for automatic thresholds and throttling so that mission
critical applications are given a higher priority on the network.
The TippingPoint IPS family offers a range of products that differ in
capacity and the number of simultaneous segments they protect.
TippingPoint X505
TippingPoint 50
TippingPoint 200
TippingPoint 200E
TippingPoint 400
TippingPoint 1200E
TippingPoint 2400E
TippingPoint 5000E
TippingPoint SMS (Enterprise-Level Management System)
TippingPoint ZPHA (Zero Power High Availability)
An integral part of the TippingPoint solution is the Digital Vaccine®
Service that delivers new filters on a weekly or even daily basis to
maintain evergreen protection for the latest vulnerabilities, exploits,
viruses and rogue applications."
I trust this will help everyone to understand the vulnerability that
you have described. As I am going away on holidays in a few weeks I
hope we can wrap this up quickly. Let me know as soon as the table is
created.
I apologise for posting to this thread after I indicated that I would
not do so.
Happy (Canadian) Thanksgiving!