帮忙翻印下英文文章或提供文章出处,谢谢。。

来源:百度知道 编辑:UC知道 时间:2024/06/07 17:06:34
Where have all the worms gone? Not too long ago, new malware was making its way around the world on a very regular basis. Headlines on technology sites excitedly and incessantly warned us about the wrath of Code Red, Slammer, Sober, Netsky, Nimda, ILoveYou and their equally oddly-named brethren. Happily it's been a while since a worm or virus paralysed systems on a wide scale. But unhappily, critical data has never been more at risk.

Skilled malicious hackers are no longer interested in getting millions of people to open up emailed attachments that will then pester everyone listed in an infected machine's address book. Instead, these people are becoming more business-like, concentrating on opening new streams of revenue for themselves by directly targeting and penetrating networks to grab data that they can use, or sell for profit.
Data theft isn't new, of course, but it is on the rise, and attacks against databases continue to become more sophisticated. Thi

所有的蠕虫不见了?不久前,新型恶意软件,是其在全世界很正规的基础。在技术网站标题,不停地告诫我们兴奋的忿怒的“红色代码”,让希尔顿入狱,冷静一下,Netsky,尼姆达,ILoveYou和他们一样oddly-named骨肉(原文作弟兄)。快乐是至今已有一段一个蠕虫或病毒瘫痪的系统在广阔的规模。但不幸的是,数据从来就更加危险。

  熟练的恶意黑客不再有兴趣获得数以百万计的人打开电邮附件,然后每个人在感染列出过问机器的通讯录。取而代之的是,这些人正变得更加严谨、集中开拓新的溪流收入为自己的目标和网络直接抓住数据,他们可以利用,或销售利润。
  数据并不是新鲜事,失窃的课程,但它是在不断上升,攻击数据库继续变得更加复杂了。这并不是因为数据库系统本身是缺乏安全感的比其他任何人为的应用,但主要是因为他们已经成为了圣杯的恶意黑客想把快速获利。一个应用程序经常攻击,你一定会找到可利用的洞。这个问题复杂化和数据库做复杂的野兽,被喂食其他应用信息,其中有一些是vendor-supplied和其他人也许创造内部或通过提供的api。更复杂的申请,就更有可能是港口隐藏的洞。
  在这篇文章中我最常见的向量和最安全的攻击行为,可以帮助人们抵御甚至最强烈的恶意黑客。我们要看看这个类型的攻击,通常是由内部和外部,和一些不需要任何人工干预,但还是毁灭的数据。

出处:Network Security
Volume 2007, Issue 7, July 2007, Pages 14-17

标题:Defending the database

Ulf Mattssona, chief technology officer