Abstract
As the burden of information storage grows, Oracle database architectures are widely adopted across institutions, yet the corresponding security research is not comprehensive. Building on earlier information-hiding techniques, especially Hypertext Transfer Protocol (HTTP) tunneling, this paper proposes a file transfer method based on an Oracle covert backdoor, which can be used to transfer files across networks. Using the existing Oracle network transport protocol together with user-defined functions or stored procedures, Oracle's security mechanisms can be simply bypassed to access the operating system directly. Experiments show that this file transfer tunnel is highly flexible, well concealed, and not easily blocked by firewalls.
Source
《信息安全与通信保密》 (Information Security and Communications Privacy)
2011, Issue 12, pp. 73-75 (3 pages)
Keywords
database
tunnel
file transfer