LOCATION: PricewaterhouseCoopers, Lakepointe I room 6097, 3109 W. MLK Blvd., Tampa ATTENDANCE: see sign-in sheet
FEATURED PRESENTATION: Sentrigo's Todd DeSantis - SQL Injection Attacks
Todd discussed various attack vectors related to web interfaces to database
systems.He demonstrated how easy
it is to gain DBA privileges via an unpatched vulnerability with nothing more
than the SCOTT/TIGER account.He
also discussed some best practices for avoiding these types of vulnerabilities
when developing code.
Todd also demo'ed Sentrigo's Hedgehog product which provides
detection and prevention for attacks of this nature.
Topics Discussed:
The evening began with our
standard registration, networking with fellow SOUG members, and light
refreshments.This month,
Nick's Smokehouse provided BBQ pork, BBQ chicken, salad, and sides.
Kirt Hall called the meeting
to order and welcomed all.
Job Report: Troy reported that the local Oracle job
market is still fairly strong. He had half a dozen opportunities that
ranged from short term contract, contract-to-perm, and full time
perm.Send Troy
email (tligon@soug.org) if you are interested in further details.
A Survey has been added to
the Website for gathering topics and information from the members for
future planning of the meetings.
SOUG TechDay 2008 is in the
planning stages.The date was
announced as Monday, May 12, 2008.
